Alexandru Gologan

Really depends on your Idp having implemented end-session correctly. If they have and you pass in the correct id_token_hint before it redirects back to the app it will clear your...

@bhavnamulani see https://github.com/openid/AppAuth-Android#customizing-the-connection-builder-for-http-requests Back on topic: As a maintainer I've always viewed `performActionWithFreshTokens()` as a convenience method for prototyping rather than the way to do authenticated calls long term. I've...

Having tested this on `114.0.5735.196` both with AppLinks and custom scheme worked as expected. Did notice if the user is being auto-logged in (having already logged into the host domain...

TVs usually use a device authorization flow [RFC 8628](https://tools.ietf.org/html/rfc8628) which is what AppAuth-iOS seems to implement. One developer has been gracious enough to contribute a PR for this a long...

Retrieving a new token shouldn't prompt the user unless the user's session has expired. There might be some misunderstanding here.

OIDC is a specific extension of OAuth 2.0 to authenticate and authorize users where the end-user specifically doesn't hand his credentials to the 3rd party app it authenticates in. There...

First login flow: 1. open app & tap login 2. open webbrowser 3. have user enter username/pass into the identity provider (be it 3rd party, Facebook, Google, Okta, etc or...

The AppLink won't work if you type it in manully in the browser. It will however work if you tap the link in another page. Another way to verify the...

You may be experiencing what I described here: https://github.com/openid/AppAuth-Android/issues/960#issuecomment-1631442105 Redirecting back to the app if the user is already authenticated requires some sort of user interaction. This is already implemented...

From what I could tell going to the same page or reloading is not considered navigation in Chrome thus triggering AppLinks. Since you can edit auth-success.html put a link to...