Skip to the content.

Native Clients (Android/iOS/..)

First step

Recommendations and no-go’s

Authentication Using Client ID and PKCE

Before the /authorization request, the client app will generate the code_verifier, a cryptographically random string using the characters A-Z, a-z, 0-9, and the punctuation characters -._~ (hyphen, period, underscore, and tilde), between 43 and 128 characters long.

The code_verifier is then used to generate the code_challenge. The code_challenge is a BASE64 URL encoded string of the SHA256 hash of the code_verifier.

The code_challenge and the code_challenge_method are sent on the /authorization request along other parameters. The code_verifier is sent on the /token request so the authorization server can verify that the client requesting the tokens are the same that did the /authorization request.

Android

Read Handling Android App Links, and especially Verify Android App Links

TelenorID Plus Android SDK

You configure the SDK with your client credentials and for which environment they are configured, either staging or production.

You need to request access to the GitHub Repository if not already a member of TelenorNorway.

More information: TelenorID SDK - Android

iOS

You configure the SDK with your client credentials and for which environment they are configured, either staging or production.

You need to request access to the GitHub Repository if not already a member of TelenorNorway.

More information: TelenorID SDK - iOS