# WorkflowGen Plus v2
## Overview
Mobile applications must use an approach similar to that of regular web applications, which is called **Authorization Code Flow with Proof Key for Code Exchange (PKCE)**. The main difference between this and the classic Authorization Code Flow is that the mobile application doesn't get a client secret, but instead exchanges a pair of codes to prove the origin of the authentication attempt. The issue is that a mobile application can't be trusted with a client secret because it's distributed directly to users and is therefore no longer under the developer's control, and the sources can be decompiled and analyzed to find secrets like this.
This section provides instructions on how to configure Auth0 for the WorkflowGen Plus mobile application so that your mobile users can benefit from delegated authentication as well.
## Prerequisites
* Make sure to have a licensed copy of WorkflowGen installed and running on a server.
* Make sure to have administrative access to Auth0 to be able to configure it properly.
* Make sure to have provisioned an existing Auth0 user with which you can authenticate to WorkflowGen so that you can use the application afterwards.
* Make sure to have the WorkflowGen Plus mobile application installed on a device that you have access to.
* Make sure to have the latest WorkflowGen Plus version installed on your device and that your device is supported.
* Make sure to have successfully configured delegated authentication to Auth0 on your WorkflowGen instance following the instructions in the [Auth0 authentication](https://docs.workflowgen.com/tech/9.0/auth0-integration/..#auth0-authentication) section.
## Auth0 configuration
This configuration is done in several steps. First, you have to register a new native application in Auth0. Then, you have to give the application the necessary permissions to access the WorkflowGen GraphQL API. Finally, you have to register the correct callback URLs that will redirect within the native application.
### Step 1: Register a new native application
1. In the Auth0 portal, click **Create Application** in the **Applications** section.
2. Fill in the form:
* **Name**: `WorkflowGen Plus`
* **Type**: `Native`
3. Click **Create** at the bottom of the page.
You've now registered a new native application in Auth0.
### Step 2: Add callback URLs
1. On the **Settings** tab, scroll down to the **Allowed Callback URLs** and add the URL `workflowgenplus://oidc`.
2. Scroll down further to the **Allowed Logout URLs** section and add the URL `workflowgenplus://oidc`.
### Review the registration
You don't need to give the application access to the GraphQL API since all applications (except for machine-to-machine applications) have access to all registered APIs within a domain. Here's a review of the information you need:
* A client ID, which can be found on the native application page's **Settings** tab.
* An Auth0 domain name, which can be found directly to the left of your profile picture on the top right corner of the page.
{% hint style="success" %}
All of this information must be given to the users who will be using the mobile application; they'll need to copy them directly into the app.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.workflowgen.com/tech/9.0/auth0-integration/workflowgen-plus-v2.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.