We have a REST API in salesforce to create cases.We want to access the same API from Android/IOS App to create a case.Here my problem is authentication.
We are using OAuth 2.0 user agent flow for authentication because in username-password we need to expose username and password so we don't want to use that flow to get the access token. In User Agent flow should the user need to enter the password or it will authorize based on authorization code?
If user need to enter the password how we will avoid because the user will be customer they don't have any password and username ,can we store password and use it to for logging automatically.
Thanks in advance
