Authorization Flow native app -> Web Service

Hi All,

can anyone give me a quick breakdown of the architecture/flow of authentication+authorization if i have a web app which exposes one endpoint to a mobile app which i am also developing?

Both the web app and mobile app will have logins for authentication then the endpoints will use token authorization to make api call.

What does that flow look like?

Hi mb1990,

You may find this link useful -
The specific flow can be found here

For a mobile app calling an API, I would encourage you to use PKCE.

Please let me know if you need further assistance.