Thursday, July 4, 2019

Mobile Single Sign-On

The other day, we were at customer's site and the discussion was on Mobile Single Sign-On (MSSO). This customer will be launching a few mobile applications and he would like users to have the convenience of not having to sign-on every time a mobile application is launched.

Traditional Mobile Single Sign-On

The traditional method of achieving MSSO is to develop yet another mobile application to act as a SSO Wallet and the SSO Wallet will act as the bridge between the various mobile applications and the Identity Provider (IdP). 

I'm using Gluu Server as an example now. But IdP can be any federation solution. 

Modern Mobile Single Sign-On

In iOS and Android, simple MSSO solutions are provided by tapping on the Cookie concept in browser.

For iOS, SFSafariViewController is recommended, while in Android, Chrome Custom Tabs is suggested. 

Quite convenient to implement.

Of course, we did discuss about a scenario whereby Chrome browser is not installed, then MSSO on Android will fail. This can be overcome by user education.