App-to-web SSO

App-to-web single sign-on (SSO) allows you to take a session from your mobile application and extend it to a browser on the same device. This is useful for giving a seamless experience to your users when they transition from the mobile application to the website where more functionality likely exists. This functionality can only be used when using the IDAAS-core identity providers. This can be configured in the IDAAS-core.

The iOS SDK allows you to specify a target URI where authentication is required. This URI must be configured in the action token configuration in the IDAAS-core. It will then verify that your mobile application's session is valid and establish a session with the IDP before redirecting the user to the target URI with them automatically logged in.

To use the functionality, call the appToWebSingleSignOn:withTargetUrl:completion: method with the target URL as a parameter. In case of success, a URL will be returned that needs to be opened in a web browser. In case of failure, an error will be returned. The returned errors will be within the ONGGenericErrorDomain or ONGAppToWebSingleSignOnErrorDomain.

Example: app-to-web single sign-on

    guard let targetURL = URL(string: "https://demo-cim.onegini.com/personal/dashboard") else { return }
    SharedUserClient.instance.appToWebSingleSignOn(withTargetUrl: targetURL) { (url, token, error) in
        if let url = url {
            // Open url in web browser
        } else if let error = error {
            // Handle error
        }
    }

    NSURL *targetURL = [NSURL URLWithString:@"https://demo-cim.onegini.com/personal/dashboard"];
    [ONGUserClient.sharedInstance appToWebSingleSignOnWithTargetUrl:targetURL completion:^(NSURL * _Nullable url, NSString * _Nullable token, NSError * _Nullable error) {
        if (url) {
            // Open url in web browser
        } else {
            // Handle error
        }
    }];