OAuth for distributed app

(Matthew Butt) #1

I’ve created a native mobile app that requires a SmartApp for its web API. Now that ST isn’t approving public apps I need to ask each user to install the app themselves. However, for each user app install a new client ID & secret is created, which means that the user has to add that id & secret into the mobile app for it to authenticate with their ST account.

The friction for users here is very high… are there any other ways I can make this work?


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #2


The current security policies and/or architecture do not provide “any other ways”.