This documentation is for WSO2 Identity Server 5.3.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Typically implicit grant type is used with these clients.Moreover, refer


 Refer this blog


post to learn more on protecting SPAs in accessing OAuth 2.0 secured APIs.

Native Application

A native application is a public client installed and executed on the device used by the user.  Typically, mobile applications and desktop applications fall in this category. Here, protocol data and credentials are accessible to the user.  It is assumed that any client authentication credentials included in the application can be extracted.  At a minimum, credentials are protected from hostile servers with which the application may interact, and on some platforms, these credential might be protected from other applications residing on the same device.