Abort authorization code with PKCE request with data

[abdallah-odeh]

Hello there, I am trying to implement the a device registration scenario,

1. the user clicks Login
2. a webview is opened to login using Authorization code with PKCE flow
3. after a successful login and right before issuing a token
   • if used device is already registered for user
   • then we issue a token & authenticate the user
   • else
   • we abort the login process, redirect the user to device registration cycle
   • after completing the device registration, we redirect him back to login

currently, the device registration cycle is implemented in the webview the question is; is there a way to close the webview (without access token object) and return an error to the user along with some info (user id, device id, tenant id, etc ...) to be able to go through device registration cycle from mobile side

thanks in advance

[MaikuB]

What you've described there isn't do with the plugin but more to do with your own auth flows. This comes down to your identity provider and understanding how OAuth works so is something you would need to do research on