OAuth 2.0 - Native Application


Native application can be used as instance of desktop or mobile phone application, which uses the resource owner credentials. It is a public client installed that executes on the resource's owner device.

The authentication credentials used by the application are included in the application code. Hence, do not use the native application that runs in the external user agents.

The following diagram shows the architecture of the client native application −

OAuth 2.0 Native Application

Step 1 − First, the user accesses the resources of the resource owner by using authenticating application such as Google, Facebook, Twitter, etc.

Step 2 − Next, the native application uses client Id and client password to log on to the authorization server. The native application is an instance of desktop or mobile phone application, which is installed on the user computer and stores the client password on the computer or device.

Step 3 − The authorization server allows accessing the resources from the resource server using the client credentials.

Step 4 − The resource server contains the resources, which are owned by the resource owner.