I'd like to authenticate users on both a native mobile app and API backend via third-party services like facebook, google, etc. As I understand it oauth2 allows "clients" -- like native mobile apps and backend APIs -- to authenticate against third-parties following a request, authorization and access token dance.
But what I am not clear on is: if/how is authentication "shared" between the mobile app and the backend API? Further, how is the authentication status maintained and monitored by the mobile app and backend API respectively when using oauth2?
Aucun commentaire:
Enregistrer un commentaire