Say “Sign Sign On (SSO)” to most developers, and they immediately think web browsers and web servers. For the most part, SSO is a solved problem in the enterprise, using technologies like SAML and federation to reduce the login burden for users. But what happens when the client isn’t a browser, but a sophisticated native app running on a mobile device? And what if you need to share authentication session across multiple native apps on your phone? VPNs won’t cut it here because they offer a terrible user experience. So what do you do? 

In this session, we’ll look at real world solutions that give apps secured access to APIs and data. Using an emerging profile for OAuth and OpenID Connect, we will show how to offer mobile users a single sign on experience that is shared across apps and shared across remote servers.

You will learn:

• Why traditional SAML failed for APIs, and why OAuth+OpenID Connect is the better solution
• How to share sessions across apps in iOS and Android without jailbreaking
• The implications for hybrid apps developed using Cordova
• Libraries that make mSSO implementation trivial for developers