GitHub user breautek added a comment to the discussion: OAuth connection to system's default browser
To answer your question, In app browser's target attribute controls where to open the URL inside the plugin's [open](https://github.com/apache/cordova-plugin-inappbrowser?tab=readme-ov-file#cordovainappbrowseropen) api. In this case you'd want the `_system` target. >  But I think it's worth noting that when using the system browser, inter-communications with the in-app-browser view is limited, you wouldn't be able to pull access tokens. Listener events are only available for `_blank` targets as [noted here](https://github.com/apache/cordova-plugin-inappbrowser?tab=readme-ov-file#inappbrowseraddeventlistener), which means you can't post messages to and from the browser back to your app. I'm not an oauth expert, nor do I use any oauth flow in my apps but I do know that most OAuth implementators block webviews because app hosts can manipulate the login screen which makes them untrustworthy. (Which is why I assume you're trying to use the system web browser). But because you can't pull out acccess tokens, I'm not sure how far the system web browser will get you for oauth integration. You may need a native oath implementation that implements the android (and/or ios) oath flows exposed by a cordova plugin to get an oauth flow properly integrated in your app, instead of relying on web-based oauth flows which are intended to only work in traditional web environments that can be relatively trusted by the vendor. GitHub link: https://github.com/apache/cordova/discussions/540#discussioncomment-12992963 ---- This is an automatically sent email for issues@cordova.apache.org. To unsubscribe, please send an email to: issues-unsubscr...@cordova.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For additional commands, e-mail: issues-h...@cordova.apache.org
