In this scenario nextAuth is used to log in to a remote server from the app itself. The app incorporates the nextAuth Mobile SDK.
We assume that the app connects to the application server over HTTPS (e.g. using a REST API or a website that is rendered in an embedded web viewer). Your application server will have to enforce the validation of session tokens, by calling the NS through its privileged REST API (e.g. getSession).
In principle, the session identifier can be chosen by the app, although we recommend obtaining the actual data from a login QR from the application server (using getQrLogin). The application server can send this QR data to the app through a HTTP header or using a dedicated REST API call.
When using an embedded web viewer, the strategy for app-to-app authentication can also be applied.
Once the login QR data has been obtained from the server, the same login flow can be followed as a regular login.