Hello,
We are in the process of testing enterprise single-sign-on for your iOS / Android mobile app and have a few questions:
1) Do you support federated authentication from your mobile app via SAML/OAuth/OpenID Connect? If Yes, which one method ?
2) Once the user is authenticated via federation, how often does the user get prompted for authentication again? (i.e., do you cache an authentication token so that the user is not prompted every time they launch the mobile app?)
3) Does your mobile app use any of the following embedded browsers for user-authentication. If Yes, which one?
- iOS: SFAuthenticationSession (on iOS 11) and SFSafariViewController (iOS 9, 10) ?
- Android: Chrome Custom Tabs
- AppAuth SDK
4) Does your mobile app register an app URL scheme that can be invoked to complete enterprise SSO ? Typically an app registers a URL scheme that can be invoked with (SAML/OAuth) authentication token as a parameter. When such a URL is invoked, the mobile app completes the authentication flow with its backend web-service (via direct APIs or an embedded web-view) ?
Thanks
