Hi @sumjash,
In general, we do not recommend using Embedded Login or Resource Owner Password Grant flow unless there are highly trusted clients and no other options.
For Native apps to work with SSO, we recommend using the New Universal Login experience. You can learn more about it in the following documentation:
- Centralized Universal Login vs. Embedded Login
- Is SSO possible between a Native App and Regular Web App?
Additionally, you should use the Authorization Code Flow with Proof Key for Code Exchange (PKCE) over the Resource Owner Password Grant flow. This way, you prevent any potential security risks that come from using ROPG with a low-trust public client.
We have a sample Native quickstart app that you can reference to build your app:
Let us know if you have any questions.
Thanks,
Rueben