Mobile Single-Sign-On
From IIW
Session Topic: Mobile Single-Sign-On
Convener: Sascha Preibisch
Notes-taker(s): Sascha Preibisch
- Topic: Mobile Single-Sign On (MSSO)
- goal: users should only have to log in to the first app using username/password. That app receives an access_token and an id_token. The id_token is shared with the other apps, which reuse the earlier-issued id_token to request their own access_token
- target environment: enterprise apps, signed by the same developer key
- what was discussed/shown:
  - explanation of how mobile single sign-on can be implemented using OAuth, OpenID Connect and JSON Web Token (JWT)
  - client apps would keep their OAuth access_token for themselves but would share the id_token
  - client apps would also share an app-generated private key, which would be used for SSL with client authentication if it is required
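
The flow described in the goal above, seen from the authorization server's side, as an added example that is not from the session or any product. The issuer URL, client ids, user credential, HS256 signing, the `aud` check and all function names are assumptions made for illustration; the SSL client authentication with the shared private key is not modelled.

```python
import base64, hashlib, hmac, json, secrets, time

SERVER_KEY = secrets.token_bytes(32)          # constructed HS256 signing key
ISSUER = "https://idp.example"                # hypothetical issuer
SSO_CLIENTS = {"app-mail", "app-calendar"}    # hypothetical apps of one developer
USERS = {"alice": "correct horse"}            # constructed credential store

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return _b64(hmac.new(SERVER_KEY, signing_input.encode(), hashlib.sha256).digest())

def issue_id_token(sub, now, ttl=3600):
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = _b64(json.dumps({"iss": ISSUER, "sub": sub, "aud": sorted(SSO_CLIENTS),
                              "iat": int(now), "exp": int(now + ttl)}).encode())
    return f"{header}.{claims}.{_sign(header + '.' + claims)}"

def login(client_id, username, password, now=None):
    """First app: username/password yields an access_token and an id_token."""
    now = time.time() if now is None else now
    expected = USERS.get(username)
    if (client_id not in SSO_CLIENTS or expected is None
            or not hmac.compare_digest(expected.encode(), password.encode())):
        raise PermissionError("login failed")
    return {"access_token": secrets.token_urlsafe(24),
            "id_token": issue_id_token(username, now)}

def exchange_id_token(client_id, id_token, now=None):
    """Another app presents the shared id_token and gets its own access_token."""
    now = time.time() if now is None else now
    try:
        header, claims, sig = id_token.split(".")
        # The alg header is ignored: the server always verifies with its own key.
        if not hmac.compare_digest(sig, _sign(header + "." + claims)):
            raise ValueError("bad signature")
        body = json.loads(_unb64(claims))
    except (ValueError, TypeError, AttributeError) as exc:
        raise PermissionError(f"invalid id_token: {exc}") from exc
    # A valid signature is not enough: check issuer, intended audience and expiry.
    if body["iss"] != ISSUER or client_id not in body["aud"] or now >= body["exp"]:
        raise PermissionError("id_token rejected")
    return {"access_token": secrets.token_urlsafe(24), "sub": body["sub"]}
```

Each app ends up with a distinct access_token while only the id_token crosses the app boundary, so the checks in `exchange_id_token` are what limit the reach of a shared token.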