Unable to finish code exchange flow from native app

Liat Netach


We're trying to use Azure AD as an SSO / OIDC provider for both our web and native applications.
The web flow works as it should (they use an HTTPS redirect URL).
We have an issue finishing the code exchange flow on the mobile side (custom scheme for the redirect URL, e.g. myapp://oauth/...).
We registered the mobile redirect URL under Mobile and desktop applications (we are using react-native).

First, I will say that both the website and the native apps use the same server side.
(On mobile we are using the react-native-app-auth library to return to the app and get the code after the user authenticates.)

We're also getting an authorization code on mobile via the /authorize endpoint, but then when we send the code to our server in order for it to call the token endpoint and do the code exchange, an error occurs: invalid_client.

Should there be any differences between the POST to the token endpoint when we start the flow from the website and when we start the flow from mobile (with a redirect URL that is in the mobile platform in the portal)? Of course, the configuration remains the same except for the redirect URL.

BTW, with another OpenID provider we manage to authenticate, so I really can't understand the difference :/

I will appreciate any comment!

Microsoft Entra ID