App-to-web SSO
App-to-web single sign-on (SSO) allows you to take a session from your mobile application and extend it to a browser on the same device. This is useful for giving a seamless experience to your users when they transition from the mobile application to the website where more functionality likely exists. This functionality can only be used when using the OneWelcome Identity Platform identity provider.
The Android SDK allows you to specify a target URI where authentication is required. This URI must be configured in the action token configuration. It then verifies that your mobile application's session is valid and establishes a session with the IDP before redirecting the user to the target URI with them automatically logged in.
To use the functionality, call UserClient#getAppToWebSingleSignOn with the target URI and a OneginiSingleSignOnHandler to get the result. In case of success, the OneginiAppToWebSingleSignOn data object will be returned.
public interface OneginiAppToWebSingleSignOn {

    /**
     * This is a URL that is meant to be used by the browser to establish a session.
     *
     * @return Uri meant to be used by the browser
     */
    Uri getRedirectUrl();

    /**
     * The token param from the {@link #getRedirectUrl()} provided here as a convenience.
     *
     * @return String token
     */
    String getToken();
}
To continue, the redirect URI should be opened in a web browser. In case of failure, a OneginiSingleSignOnError will be returned.
public void startSingleSignOn() {
    final Uri targetUri = Uri.parse("https://demo-cim.onegini.com/personal/dashboard");
    final OneginiClient oneginiClient = OneginiSDK.getOneginiClient(this);
    oneginiClient.getUserClient().getAppToWebSingleSignOn(targetUri, new OneginiSingleSignOnHandler() {

        @Override
        public void onSuccess(final OneginiAppToWebSingleSignOn oneginiAppToWebSingleSignOn) {
            final Intent intent = new Intent(Intent.ACTION_VIEW, oneginiAppToWebSingleSignOn.getRedirectUrl());
            intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
            intent.addFlags(Intent.FLAG_ACTIVITY_NO_HISTORY);
            startActivity(intent);
        }

        @Override
        public void onError(final OneginiSingleSignOnError oneginiSingleSignOnError) {
            @OneginiSingleSignOnError.SingleSignOnErrorType int errorType = oneginiSingleSignOnError.getErrorType();
            if (errorType == OneginiDeregistrationError.DEVICE_DEREGISTERED) {
                // Single Sign-On failed due to missing device credentials. Register app once again.
                new DeregistrationUtil(DashboardActivity.this).onDeviceDeregistered();
            }
            // other errors don't really require our reaction, but you might consider displaying some message to the user
            showToast("Single Sign-On error: " + oneginiSingleSignOnError.getMessage());
        }
    });
}
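Because the redirect URL carries the token that establishes the browser session, the following added example (not part of the SDK or of the original page) shows a helper that onSuccess could call as SsoRedirectLauncher.launch(this, sso.getRedirectUrl(), sso.getToken()) to check the URL before opening it and to keep the token out of logs. The class name, the host idp.example.com and the assumption that the redirect URL points at your own IDP host are hypothetical.

```java
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.util.Log;
import java.util.Collections;
import java.util.Locale;
import java.util.Set;

/** Hypothetical helper, not part of the Onegini SDK. */
public final class SsoRedirectLauncher {
    private static final String TAG = "SsoRedirect";
    // Assumption: the redirect URL points at this IDP host; replace with your own.
    private static final Set<String> ALLOWED_HOSTS = Collections.singleton("idp.example.com");

    private SsoRedirectLauncher() { }

    /** Returns true only for an https URL on an expected host. */
    static boolean isTrusted(final Uri redirectUrl) {
        if (redirectUrl == null || !"https".equalsIgnoreCase(redirectUrl.getScheme())) {
            return false;
        }
        final String host = redirectUrl.getHost();
        return host != null && ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT));
    }

    /** Replaces the token value (raw or URL-encoded) so the URL can be logged. */
    static String redact(final Uri redirectUrl, final String token) {
        final String url = redirectUrl.toString();
        if (token == null || token.isEmpty()) {
            return url;
        }
        return url.replace(Uri.encode(token), "<redacted>").replace(token, "<redacted>");
    }

    /** Opens the redirect URL in the browser; returns false if it was rejected. */
    public static boolean launch(final Context context, final Uri redirectUrl, final String token) {
        if (!isTrusted(redirectUrl)) {
            Log.w(TAG, "Rejected SSO redirect with unexpected scheme or host");
            return false;
        }
        Log.d(TAG, "Opening " + redact(redirectUrl, token));
        final Intent intent = new Intent(Intent.ACTION_VIEW, redirectUrl);
        intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_NO_HISTORY);
        context.startActivity(intent);
        return true;
    }
}
```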