The ForgeRock SDKs provide two methods for implementing authentication in your applications:
- Embedded authentication
The app developer is responsible for building the login and registration UI.
When using embedded authentication, the SDKs do not store user credentials on the device or in the browser.
- Centralized authentication
Android and iOS use the OAuth 2.0 for Native Apps for centralized authentication, based on RFC8252, which is recommended way for third-party applications to authenticate in terms of security, as user credentials are never exposed to the third-party web or native application.
Both options have their merits and drawbacks, and the choice usually depends on your use case. For more information, refer to Choose how users authenticate.
The ForgeRock SDKs also use the following protocols for authentication:
- WebAuthn for Mobile and Web Biometrics
Based on the WebAuthn W3C spec.