Native App URI Handlers
From MgmtWiki
Full Title or Meme
A Native App can register to intercept URI calls (e.g., HTTP and other schemes) from the browser on the User Device.
Context
- Many web applications would like to improve their User Experience by installing a Native App on the user device to provide more performant responses to user input. Most User Devices enable this through operating system enhancements that allow an app to register the web site's URL and intercept HTTP requests so that they can be partially or fully handled on the local device.
Problems
- Several Identity Management problems can potentially be solved by this same mechanism.
- If the user wishes to create Self-issued Identifiers that can act like Identifier or Attribute Providers to a Relying Party, they can install such a provider on their own device and redirect calls for authentication back to themselves.
Solutions
- Linking to Apps is available on all of the major mobile platforms: Android, Apple iOS, Microsoft UWP.
- But note that Chrome 72 (at least on Android) had a bug, as tracked on this site.
- OpenID has published Self-issued OpenID Connect Provider.
- Self-issued Identifier
- Best Practice and Example Self-issued Identifier
- For certification of the Native App, please refer to the page Native App Security.
- The Native App should perform all Authentication of the user by way of a browser (User Agent) selected by the user and running on the user's device using a trusted Identifier or Attribute Provider.
- Pre OAuth Entity Trust (POET) describes a means to represent third-party application endorsement for health care applications. POET's goal is to help consumers distinguish between applications that have an endorsement and applications that have no pedigree (i.e., untrusted and possibly malicious).
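As an added illustration (not code from this wiki, OpenID or the IETF), the following Python check shows how an authorization server could vet the redirect URI a Native App registers, following the three redirect styles in RFC 8252 section 7 and the registration advice in its section 8. The `claimed_hosts` allow-list and the sample URIs in the comments are assumptions constructed for the example.

```python
import ipaddress
from urllib.parse import urlsplit


def classify_redirect_uri(uri, claimed_hosts=frozenset()):
    """Classify a native-app redirect URI; return (kind, accepted, reason).

    claimed_hosts: hypothetical allow-list of hosts whose app-link
    association with the app has already been verified out of band.
    """
    parts = urlsplit(uri)
    scheme, host = parts.scheme.lower(), (parts.hostname or "")
    if not scheme:
        return ("invalid", False, "missing scheme")
    if parts.fragment:
        return ("invalid", False, "redirect URI must not carry a fragment")
    if scheme == "https":
        # Section 7.2: an HTTPS URL that the OS hands to the claiming app.
        if host in claimed_hosts:
            return ("claimed-https", True, "host is claimed by the app")
        return ("claimed-https", False, "host not in verified claim list")
    if scheme == "http":
        # Section 7.3: loopback redirect; section 8.3 discourages "localhost",
        # so only IP literals (127.0.0.1, ::1) are accepted here.
        try:
            loopback = ipaddress.ip_address(host).is_loopback
        except ValueError:
            loopback = False
        if loopback:
            return ("loopback", True, "loopback IP literal")
        return ("http", False, "http allowed only for loopback IP literals")
    # Sections 7.1 and 8.4: a private-use scheme must be reverse-domain based;
    # at minimum, a scheme without a period is rejected.
    if "." not in scheme:
        return ("private-use", False, "scheme is not reverse-domain based")
    return ("private-use", True, "reverse-domain private-use scheme")


if __name__ == "__main__":
    # Constructed sample registrations.
    for sample in ("com.example.app:/oauth2redirect/example-provider",
                   "myapp://callback",
                   "http://127.0.0.1:51004/cb",
                   "http://localhost:51004/cb"):
        print(sample, "->", classify_redirect_uri(sample))
```

A scheme such as `myapp` is rejected because any other app on the device can register the same handler, whereas a reverse-domain scheme or a claimed HTTPS host ties the handler to a name the developer controls.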
References
- Native App general page on this wiki
- Native App Security page on this wiki
- Native App Privacy page on this wiki
- W3C page on web apps best practices as of (2010-12-10).
- IETF RFC 8252 OAuth 2.0 for Native Apps https://tools.ietf.org/html/bcp212#section-7.2
- Apple App Store Review Guidelines https://developer.apple.com/app-store/review/guidelines/
- Android Intents and Intent Filters
- Microsoft web-app linking.
- description of use of this technique in OAuth 2.0 implementations.
- See the wiki page Linking to Apps