A lot folks have many applications on different platforms, and one common ask is how do we sign in from platform such as mobile to say a web app? The goal is a frictionless use experience approach across devices. Below is a demo of this flow using the Proxy Approach:
Positives of this Approach:
-Very Flexible and works in any scenario(user session expired, native login form experience)
-Little to no code in your target apps will have to change
-Very Easy to Audit
- You have to own the proxy(the code, and where it is hosted)
-Recommend encryption to prevent any form of id token leakage
There are other approaches as well that we will also work to cover in other posts.