Open
Description
Configuration
- Version: 0.X.Y
- Integration: (native(Java/Kotlin))
- Identity provider: OpenID
Description
The hackers should be able to claim custom scheme used in the redirect_uri parameter such that they can intercept the authentication code/token in Andriod.
Here is the related article.
https://blog.ostorlab.co/one-scheme-to-rule-them-all.html