Why use OAuth2/OpenID Connect for mobile apps? Quite often mobile applications store the user's credentials (username and password) on the mobile device itself so that the app can reconnect to its backend.
What if your mobile device gets lost or stolen? Anybody holding it can log straight into your apps and get hold of all your private information, with the devastating effects you can imagine.
This is a major security weakness.
Nowadays OAuth2/OpenID Connect allows the user to stop storing credentials on the mobile device altogether. Instead, after a single authentication at the authorization server, the app receives a long-lived token, called a « refresh token », which it exchanges for short-lived access tokens whenever it needs to call the backend. If your mobile device is compromised, this refresh token can be revoked on the authorization server itself, so any further attempt to use it will be rejected.
Using OAuth2/OpenID Connect is one of the most effective ways to protect a mobile user: the credentials themselves can no longer be obtained from a stolen or lost device, and the only secret stored on it can be invalidated server-side. Note that revoking the refresh token only stops new access tokens from being issued; access tokens already handed out remain usable until they expire, which is why they are kept short-lived.
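To make the stolen-device scenario concrete, here is an added example (not code from the original post, nor from Keycloak): a toy in-memory authorization server in Python that issues a refresh token after a single password login, rotates it on every refresh, accepts a revocation request, and then refuses the revoked token. It also goes slightly beyond the text above by detecting reuse of an already-rotated refresh token (the "replay by the thief" case) and revoking the whole token family, as the OAuth 2.0 security best-practice recommends. The user name, password, client id and token lifetimes are constructed values; the endpoint names (`password_login`, `refresh`, `revoke`, `introspect`) are hypothetical and only mirror the roles of the real token, revocation and introspection endpoints.

```python
"""Toy OAuth2/OIDC authorization server: refresh-token issuance, rotation,
revocation and reuse detection. Constructed for illustration; not Keycloak code."""
import secrets
import time
from dataclasses import dataclass

ACCESS_TTL = 300                 # 5 min: short-lived, bearer access token
REFRESH_TTL = 30 * 24 * 3600     # 30 days: long-lived refresh token


class InvalidGrant(Exception):
    """Maps to the OAuth2 'invalid_grant' error returned by a token endpoint."""


@dataclass
class RefreshRecord:
    user: str
    client_id: str
    family: str          # all refresh tokens descending from one login share a family
    expires_at: float
    revoked: bool = False
    used: bool = False   # set once the token has been exchanged (rotation)


class AuthorizationServer:
    def __init__(self, now=time.time):
        self.now = now
        # constructed user database; a real server would store a password hash
        self._users = {"alice": "correct horse battery staple"}
        self._refresh = {}   # refresh token -> RefreshRecord
        self._access = {}    # access token -> (user, expiry)

    def password_login(self, user, password, client_id):
        """One-time credential check. The device keeps the tokens, never the password."""
        if self._users.get(user) != password:
            raise InvalidGrant("invalid credentials")
        return self._issue(user, client_id, family=secrets.token_hex(8))

    def _issue(self, user, client_id, family):
        access = secrets.token_urlsafe(32)
        refresh = secrets.token_urlsafe(32)
        self._access[access] = (user, self.now() + ACCESS_TTL)
        self._refresh[refresh] = RefreshRecord(
            user, client_id, family, self.now() + REFRESH_TTL)
        return {"access_token": access, "refresh_token": refresh,
                "token_type": "Bearer", "expires_in": ACCESS_TTL}

    def refresh(self, refresh_token, client_id):
        """grant_type=refresh_token: hand out a new access token and rotate the refresh token."""
        rec = self._refresh.get(refresh_token)
        if rec is None or rec.client_id != client_id or rec.expires_at <= self.now():
            raise InvalidGrant("invalid_grant")
        if rec.revoked:
            raise InvalidGrant("invalid_grant: token revoked")
        if rec.used:
            # A rotated token presented again means two parties hold the family
            # (e.g. the thief and the legitimate app): kill the whole family.
            self.revoke_family(rec.family)
            raise InvalidGrant("invalid_grant: refresh token reuse detected")
        rec.used = True
        return self._issue(rec.user, client_id, rec.family)

    def revoke(self, refresh_token):
        """Revocation endpoint. Like RFC 7009, unknown tokens are silently accepted
        so a caller cannot probe which tokens exist."""
        rec = self._refresh.get(refresh_token)
        if rec is not None:
            self.revoke_family(rec.family)

    def revoke_family(self, family):
        for rec in self._refresh.values():
            if rec.family == family:
                rec.revoked = True

    def introspect(self, access_token):
        """Resource-server view: an access token stays active until it expires,
        even after its refresh token was revoked."""
        entry = self._access.get(access_token)
        if entry is None:
            return {"active": False}
        user, exp = entry
        return {"active": exp > self.now(), "sub": user}


def stolen_device_scenario():
    """Owner logs in once, uses the app, then reports the phone stolen."""
    srv = AuthorizationServer()
    first = srv.password_login("alice", "correct horse battery staple", "mobile-app")
    renewed = srv.refresh(first["refresh_token"], "mobile-app")   # normal daily use
    srv.revoke(renewed["refresh_token"])                          # owner revokes on the server
    try:
        srv.refresh(renewed["refresh_token"], "mobile-app")       # thief tries the stored token
        refused = False
    except InvalidGrant:
        refused = True
    return {"rotated": renewed["refresh_token"] != first["refresh_token"],
            "refused_after_revoke": refused,
            "old_access_still_active": srv.introspect(renewed["access_token"])["active"]}


if __name__ == "__main__":
    print(stolen_device_scenario())
```

The last field of the returned dictionary is the caveat worth remembering: revocation stops the refresh flow, but an access token already on the device keeps working until `ACCESS_TTL` elapses, so a resource server that wants immediate cut-off must introspect tokens against the authorization server rather than trust a signature alone.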
Further articles:
- New Keycloak online training - 19 January 2022
- Sizing Keycloak or Redhat SSO projects - 8 June 2021
- Keycloak.X Distribution - 28 January 2021