Hello My name is Omer, and I am working at Soluto. We wanted to find a way to authenticate our mobile application, without any user interaction - as this will affect the user experience. We developed a new authentication flow, similar to JWT client assertion. I've gave a talk about this flow in a few conferences, and the main feedback was that it is interesting enough to consider writing a RFC about it. Currently I'm looking to hear more opinions before starting to write RFC - so any feedback will be appreciated. I'm also looking for someone to help me getting started and reviewing the RFC - if you're interested let me know. To find more about this solution: - This is a blog post describing it: https://blog.solutotlv.com /userless-mobile-authentication/ - This is a link to the slides (recording should be available soon): https://www.slideshare.net/SolutoTLV/authentication-w ithout-authentication-appsec-california
Thanks Omer
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
