App-to-web SSO
App-to-web single sign-on (SSO) allows you to take a session from your mobile application and extend it to a browser on the same device. This is useful for giving a seamless experience to your users when they transition from the mobile application to the website where more functionality likely exists. This functionality can only be used when using the IDAAS-core identity providers. This can be configured in the IDAAS-core.
The iOS SDK allows you to specify a target URI where authentication is required. This URI must be configured in the action token configuration in the IDAAS-core. It will then verify that your mobile application's session is valid and establish a session with the IDP before redirecting the user to the target URI with them automatically logged in.
To use the functionality, call the appToWebSingleSignOn:withTargetUrl:completion:
method with the target URL as a parameter. In case of success, a URL will be returned that needs to be opened in a web browser. In case of failure, an error will be returned. The returned errors will be within the ONGGenericErrorDomain
or ONGAppToWebSingleSignOnErrorDomain
.
Example: app-to-web single sign-on