Bootstrapping OAuth for mobile apps using QR codes

V. Giralt, M. Baleriola, I. Pérez-Martín, A. Muñoz, J. Canca


The current trend to do as many things as possible using mobile devices prompted the University of Málaga Central ICT Services to plan the development of mobile apps that would allow access to student data stored in the student management systems. Allowing access to personal data required strong authentication of the users and a secure way of storing credentials in otherwise insecure devices. Most mobile devices used by the student population have cameras that can scan QR codes and act on them. So, inserting a QR scan in the application installation process was an easy way to go. The initial application is able to send alerts to the registered handsets and allow for reviewing published exams results. The app got over two thousand registered devices in five days.


Mobile apps; QR codes; Oauth; identity management

Full Text:



PhoneGap website (2013). PhoneGap framework. Retrieved May 1st, 2013, from:

Hammer-Lahav, E., Ed. (2010). RFC 5849: The OAuth 1.0 Protocol. April, 2010. Internet Engineering Task Force. ISSN: 2070-1721

DOI: 10.7250/eunis.2013.048


  • There are currently no refbacks.

EUNIS 2013


ISBN  978-9934-10-433-6 - online