Hi Siddharth,
Yes, Mendix provides a secure and structured way to handle OAuth 2.0 authentication in native mobile apps.
The recommended approach is to use the AppAuthenticator module available on the Mendix Marketplace. This module helps manage the full OAuth 2.0 flow, including redirecting to the provider’s login page, receiving the access and refresh tokens, and handling token refresh when needed.
In a native mobile app, you typically start the authentication flow by using the “Open URL” action from the NativeMobileResources module. This opens the OAuth provider’s login screen in the device’s browser. After the user logs in, the provider will redirect back to your app using a custom URL scheme (e.g., myapp://oauth-callback). You can handle this redirect using AppEvents (OnResume event) or with Deeplink support, depending on your setup.
Once you capture the access and refresh tokens, store them securely using the Secure Storage actions. These tokens should never be stored in plain local storage for security reasons. Then, for each API call to the third-party service, retrieve the token from secure storage and include it in the Authorization header of your REST request.
Also, don’t forget to handle token expiration. You can check if the token is expired (or close to expiring) and then use the refresh token to request a new one, keeping the user logged in without asking them to reauthenticate frequently.
So in short:
Use AppAuthenticator to manage OAuth.
Use Open URL to launch the login page.
Handle redirects with AppEvents or Deeplink.
Store tokens securely with Secure Storage.
Attach tokens dynamically in API requests.
Implement token refresh logic.
This setup gives you a secure and user-friendly way to integrate third-party OAuth 2.0 APIs in your Mendix native app.
Hope it helps!!
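As an added illustration of the redirect handling and token-expiry steps described in the answer above (example code, not from the original post, the AppAuthenticator module or any Mendix API): plain JavaScript of the kind a nanoflow JavaScript action could run. The custom scheme myapp://oauth-callback comes from the answer; the parameter names, the 60-second refresh margin and the token-set shape are assumptions.

```javascript
// Added example: validate the OAuth redirect back into the native app and decide
// when the stored access token needs refreshing. Assumed: redirect carries
// `code` and `state` query parameters; token set fields are invented here.
const REDIRECT_SCHEME = "myapp:";      // from the answer's example scheme
const REDIRECT_HOST = "oauth-callback";

// Parse the URL the provider redirects to (received via Deeplink or OnResume).
// Only accept it if it is really our callback and `state` matches the value
// generated before Open URL launched the login page (stops forged callbacks).
function parseOAuthCallback(url, expectedState) {
  let parsed;
  try {
    parsed = new URL(url);
  } catch (e) {
    return { ok: false, error: "malformed redirect URL" };
  }
  if (parsed.protocol !== REDIRECT_SCHEME || parsed.hostname !== REDIRECT_HOST) {
    return { ok: false, error: "unexpected redirect target" };
  }
  const params = parsed.searchParams;
  if (params.get("error")) {
    return { ok: false, error: params.get("error") };
  }
  const code = params.get("code");
  const state = params.get("state");
  if (!code) return { ok: false, error: "missing code" };
  if (!state || state !== expectedState) return { ok: false, error: "state mismatch" };
  return { ok: true, code };
}

// Expiry check with a safety margin: refresh shortly before the access token
// actually expires so a request already in flight does not fail with 401.
// tokenSet = { accessToken, refreshToken, tokenType, expiresIn (s), obtainedAtMs }
function needsRefresh(tokenSet, nowMs, marginSeconds = 60) {
  const expiresAtMs = tokenSet.obtainedAtMs + tokenSet.expiresIn * 1000;
  return nowMs + marginSeconds * 1000 >= expiresAtMs;
}

// What to do before an API call: use the token, refresh it, or send the user
// back through the login flow when no refresh token is available.
function nextStep(tokenSet, nowMs) {
  if (!tokenSet || !tokenSet.accessToken) return "login";
  if (!needsRefresh(tokenSet, nowMs)) return "use";
  return tokenSet.refreshToken ? "refresh" : "login";
}

// Header attached to each REST call against the third-party API.
function authorizationHeader(tokenSet) {
  return { Authorization: `${tokenSet.tokenType || "Bearer"} ${tokenSet.accessToken}` };
}
```

In a real app the token set would be read from and written back to Secure Storage around these calls rather than kept in a variable.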