App-to-web single sign-on
Introduction
App to Web Single Sign-On allows you to take a session from your mobile application and extend it to a browser on the same device. This is useful for giving a seamless experience to your users when they transition from the mobile application to the website where more functionality likely exists. This functionality can only be used when using the Onegini CIM identity provider as it is a unique feature of the Onegini Consumer Identity Manager. This can be configured in the Onegini Token Server Admin.
The Onegini SDK allow you to specify a target URI where authentication is required. This URI must be configured in the Action Token configuration of the Onegini Consumer Identity Manager. It will then verify that your mobile application's session is valid and establish a session with the IDP before redirecting the user to the target URI with them automatically logged in.
To use the functionality, call the UserClient#getAppToWebSingleSignOn
with the target URI and OneginiSingleSignOnHandler
to get the result.
In case of a success, the OneginiAppToWebSingleSignOn
data object will be returned:
In order to continue, the redirect URI should be opened in a web browser. In case of failure, a OneginiSingleSignOnError
will be returned. To read more about
errors and how to handle them please read the Error handling chapter.