Hey folks, I’m in the process of setting up Kratos for use with a React Native mobile app. I’d like to implement a flow that generates short-lived access tokens and long-lived refresh tokens. I’ve also been asked to keep the login UI in React Native, not in a browser/webview. The app is a first-party client, and it’s notably the only app or website where these identities will be used (we’re not providing single sign-on to other apps or websites).
I can’t seem to figure out a way to do this. My two approaches so far have been:
A) Use Kratos with the login flow for clients without browsers, which returns a session token for use. This is a long-lived value, and there’s no equivalent “refresh” functionality.
B) Use Hydra connected to Kratos, and use an OAuth2 flow (per this blog post) to grant an access and refresh token. However, this seems to require a browser/webview in the flow, as Hydra doesn’t implement the Password Credentials grant type.
Is there a way to have a native UI for login, but still use access and refresh tokens instead of a session token?