>I want to try your thing, so I press cancel? That doesn't seem terribly intuitive. I thought your main selling point was usability.
To be precise that depends on client implementation, we will use a popup that doesn't even redirect anywhere.
[1] - exactly my thoughts. Web is a good way to go, but the apps are what many security-minded folks require, so it's both.
> Apple could decide to amend their "Application may not download or install executable code" clause to include JS apps that it didn't before
I kind of support that anti Unrollme policy. They could outlaw all Cordova apps, but that would be a disaster. It makes me think to make going back to web app easier, will look for a way.
It's definitely not an easy problem. I hope I haven't come off as too harsh. Client certificates would be great. I think you write off the value of hardware tokens too quickly, but by all means, look at other ways. Auth is one of the first things any of us have to do when putting together a service. This is something a lot of us have studied for a long time. Welcome to the party :)
To be precise that depends on client implementation, we will use a popup that doesn't even redirect anywhere.
[1] - exactly my thoughts. Web is a good way to go, but the apps are what many security-minded folks require, so it's both.
> Apple could decide to amend their "Application may not download or install executable code" clause to include JS apps that it didn't before
I kind of support that anti Unrollme policy. They could outlaw all Cordova apps, but that would be a disaster. It makes me think to make going back to web app easier, will look for a way.