App-to-web SSO

App-to-web single sign-on (SSO) allows you to take a session from your mobile application and extend it to a browser on the same device. This is useful for giving a seamless experience to your users when they transition from the mobile application to the website where more functionality likely exists. This functionality can only be used when using the identity and access core identity providers. This can be configured in the identity and access core.

The iOS SDK allows you to specify a target URI where authentication is required. This URI must be configured in the action token configuration in the identity and access core. It will then verify that your mobile application's session is valid and establish a session with the IDP before redirecting the user to the target URI with them automatically logged in.

To use the functionality, call the appToWebSingleSignOn:withTargetUrl:completion: method with the target URL as a parameter. In case of success, a URL will be returned that needs to be opened in a web browser. In case of failure, an error will be returned. The returned errors will be within the ONGGenericErrorDomain or ONGAppToWebSingleSignOnErrorDomain.

Example: app-to-web single sign-on

    guard let targetURL = URL(string: "https://demo-cim.onegini.com/personal/dashboard") else { return }
    SharedUserClient.instance.appToWebSingleSignOn(withTargetUrl: targetURL) { (url, token, error) in
        if let url = url {
            // Open url in web browser
        } else if let error = error {
            // Handle error
        }
    }

    NSURL *targetURL = [NSURL URLWithString:@"https://demo-cim.onegini.com/personal/dashboard"];
    [ONGUserClient.sharedInstance appToWebSingleSignOnWithTargetUrl:targetURL completion:^(NSURL * _Nullable url, NSString * _Nullable token, NSError * _Nullable error) {
        if (url) {
            // Open url in web browser
        } else {
            // Handle error
        }
    }];