Mobile Native Application SSO
Entering a username and password on a mobile device, such as a smartphone or tablet, is more painful than when using a standard keyboard, and for the typical user, the number of applications requiring an account password seems to grow without bound.
In addition, for many reasons, the use of native applications on mobile devices is preferred over web applications. So, is there a way to use modern Federated Identity protocols to enable Mobile Native Application Single-Sign-On in addition to Web Application SSO?
Native Application SSO can be achieved in at least two different ways. First, the standard browser-based flows that are used in Web SSO (e.g., OpenID Connect) can be applied to mobile native applications, providing a direct, if minimalistic approach to enabling native app SSO. Alternatively, the use of a Token Agent to broker the authorization requests and manage the delivery of access tokens to the native applications may provide a set of features and benefits not available otherwise.
In this short video, we provide a high-level overview of browser-based SSO, describe how it might be used for Native Application SSO, and discuss the benefits of a Token Agent as proposed by the Native Application SSO (NAPPS) working group of the OpenID Foundation.