The mobile application (yourapp) must be programmed to perform the following tasks:

  1. Register during installation, its own customized URI scheme (e.g., yourapp://...) in the mobile's operating system.

  2. Start OAuth 2.0 authorization (or OpenID Connect authentication) with UAEPass in the WebView.

  3. Monitor the WebView's URL to intercept the Mobile ID's URI scheme (by default,mobileid://...).

  4. In the Mobile ID's URI, change the callback URLs so they use the URI scheme of your app instead of https, propagating the original callback URL via a parameter.

  5. Launch the Mobile ID application, opening the modified URI in the system.

  6. Process incoming URLs that use the customized scheme (yourapp://...), retrieving the original callback URL from the parameter.

  7. Open the original callback URL in the WebView so the authorization server can take over again and complete the OAuth authorization.

  8. Monitor the WebView URL to intercept the OAuth redirect URI, which indicates the completion of the authorization phase.

Note: See the documentation for the mobile's operating system for how to perform these tasks, in particular the communication between applications using customized URI schemes.

Make sure to use your own app scheme instead of uaepassdemoapp:// in both Staging and Production environment in order avoid app redirection issues from your app to other service provider apps.

Last updated