问题
How is one meant to implement a registration flow for Mobile Apps which use Identityserver 4 as the IDP?
My setup is as follows:
- Mobile App (Xamarin Native + IdentityModel.OidcClient)
- Identity Server 4 (OIDC Identity Provider)
- API (Secured by Identity Server JWT Token + Register endpoint which creates a user in the IDSRV4 DB)
What I would like to achieve is this:
- User is shown a register screen within the mobile app (NOT in-app browser)
- Mobile app makes a request to the Register API endpoint to create the user into Identityserver
- User is logged in to the mobile app with the newly created user account without having to re-enter their credentials again
Is it a good practice to create a user using an API endpoint? Or should this be done in an in-app browser?
I know it doesn't quite make sense that the user gets logged in into Identityserver without having to enter their username/password. But can this be done with some sort of One-Time-Access-Code as shown here: https://benfoster.io/blog/identity-server-post-registration-sign-in ?
来源:https://stackoverflow.com/questions/60187173/oidc-register-auto-login-flow-for-mobile-apps