RFC 8252 — OAuth 2.0 for Native Apps by node

This document recommends how OAuth 2.0 authorization requests from native apps should be made: the authorization code flow with PKCE, carried out in the device's system browser rather than an embedded web view.