What's a safe way to sign into your react native app using an existing web app/server?
As the title suggests, I'm starting to work on a React Native project that will be an extension (or side app) of another company's already-existing web application. They already have thousands of users in their DB and their own server of course. We have just started conversations with them about them opening up their APIs for us to extend our additions to their product on the app, however, their team is also small and it seems like they also don't have experience with sharing credentials across apps without fully opening up the API (there's a security concern, I suppose mainly around attacks).
I have seen some patterns used on some apps where it seems like RN opens up the web app's login page on a webview and via a callback stores credentials. However I'm not sure if that's a) really possible, b) secure, c) the most efficient way.
Mainly looking for guidance or resources as I work on this investigations. Happy to clarify as much as I can if anything is not clear.
0 Replies