OAuth2 not implicit flow, POST username and password

I am a mobile dev, now for a project need to authenticate with a backend service using identityserver4 and OAuth2.

The project has things set up so it is using OIDC for authentication.

BUT

It is on a “password” flow, so is not implicit flow (login on a browser to FB, Google, and come back to the app after that).

So basically I just ended up using fetch request to do a POST to the server with the username and password…
Then get token and refresh token and take it from there…

So, my question is, what is the benefit of using OIDC? if the username and password will be sent anyway? (HTTPS)

Is this a common thing? I couldn’t find a library on react native for OIDC that didn’t use the browser. The most similar thing was a library on node

Go to Source
Author: manuelBetancurt