Should I use Universal Links / Android App Links in ReactNative code that uses AuthSession.AuthRequest from expo-auth-session? Specifically, I pass a redirect URL to that method and the server-side code uses that URL to send an auth code to my mobile app.
If I add the redirect path to my files in .well-known will that alone prevent hijack of that URL? If not, is there something I need to do client-side beyond calling AuthSession.AuthRequest to 'claim' the URL to provide that security? (I'm assuming adding an intent filter isn't the answer since the AuthSession.AuthRequest method handles the setup of the link?)
Note: Based on this video, I do think that the links used by OAuth qualify as deep links. However, I'm still not sure whether they can / should be configured as Universal Links / Android App Links.