This article (Native apps and the NAPPing giant for mobile SSO) from Ping Identity is good read. It talks about the limitation of OpenID Connect for mobile native applications.
... native application model should be with us for a while...
Federation protocols such as SAML, WS-Federation, and OpenID - designed to enable SSO for browser applications, don't work so well for native mobile applications. Consequently, OAuth, and more recently OpenID Connect, have emerged.
While optimized for the authorization and authentication of native applications, OAuth 2.0 and OpenID Connect do not themselves enable SSO across native applications, i.e. the authentication performed for one application is not generally shared for a different native application.
In OpenID Foundation, a new group - Native Applications (NAPPS) Working Group will define a profile of OpenID Connect (OIDC) that will enable a standardised cross-app SSO experience - for both consumer-centric and enterprise applications.
Pretty cool!
.
No comments:
Post a Comment