A hosted journey is the integration mode where Strivacity serves and renders the entire authentication UI. The application hands off the user to Strivacity, and the login flow runs on the Strivacity-hosted page. When the authentication completes, the user is returned to the application with an authorization code.
This mode is available on all platforms. On mobile, the hosted UI opens in the system browser.
How it works
- The application initiates an OAuth 2.0 PKCE authorization request via the SDK.
- The user is taken to the Strivacity-hosted login page.
- Strivacity handles all authentication screens and state transitions.
- On completion, Strivacity redirects back to the application's configured redirect URI with an authorization code.
- The application exchanges the authorization code for tokens via the SDK.
Required client type
A hosted journey requires the client type OIDC using no-code components registered under your application in the Strivacity Admin Console.
SDK support
JavaScript SDK
The JavaScript SDK supports two display modes for the hosted journey. The mode is set at initialization time.
| Mode | Behavior |
|---|---|
| redirect | Full browser navigation to the hosted login page. The current page is replaced. |
| popup | The hosted login page opens in a pop-up window. The current page stays visible. |
Mobile SDKs
On mobile, the hosted login page is opened in the system browser component, following OAuth 2.0 best practices for native apps. This applies to the Android, iOS, and React Native SDKs.
| Platform | Browser component |
|---|---|
| Android in-app browser SDK | Chrome Custom Tab |
| iOS In-App Browser SDK | ASWebAuthenticationSession |
| React Native | Follows the platform (Custom Tab / ASWebAuthenticationSession) |