dp

> Such a feature needs to be carefully design to be secure. If all B wants the user to get the same principal as they have on app B, then...

I am exploring https://reactnative.dev/docs/security#oauth2-and-redirects Deeplinking should not be used to pass secrets; and the internet-identity does not supports PKCE;