Hi,
I’m using Auth0 on android and iOS Native.
I’ve found the solution for IoT device authentication (Device Authorization Flow
)
But at the step [User authorization] (Browser Flow) I found out the only solution for activate the access_token for the device is only by browser.
Is there any other solution in native sdk or perhaps by restful sending credentials or tokens with device_code?
Our company is trying to implement Auth0 for an IoT device. See the attach file.
We base on the premise that we do not want to store secret’s or credential in IoT device. So machine-to-machine flow can’t work out.
So we want to achieve that app could assist device to login without too much interaction, such as typing code, web popup etc. It would be better if it could work in background, we don’t want to break user experience. It’s like SSO but cross device.
Is there any workaround for this situation, thanks for helping. It would be great if we have a solution.
I am not sure this is possible with a native app as you describe, because it is necessary to have the redirect to login/authorization. It is possible that an active auth0 cookie session could make the user not have to provide credentials, but that would rely on the browser already having that session.
At this point, users are very used to the experience of authorizing an IoT device via this flow, it is standard.