Reputation: 1704
We have a web application where the application is downloaded to the client using appcache and runs in the client. It gets data via AJAX calls. What differs from the rest is that we do not have a web server; the whole application is downloaded to the client via an unauthenticated API call (via a middleware server). Once the pages are downloaded to the client, the login page is loaded, and upon successful authentication the client will get a token for the session.
Now we want to secure this with SAML. But since we do not have a web server per se, there is no way we can specify a URL (ACS) to redirect to in SAML.
How do people implement SAML in this type of scenario?
Upvotes: 0
Views: 58
Reputation: 46720
SAML only works through browser redirects.
You also have to have an IDP that supports SAML 2.0, e.g. ADFS.
The interaction is between the SAML application and the IDP. There is no 3rd party.
SAML is not ideal for mobile. OpenID Connect is a better choice. Either way, you have to add a client-side stack that supports the protocol to your application.
Also, SAML does not have a web API flow. OIDC does.
Upvotes: 1
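A sketch of the client-side OpenID Connect piece the answer refers to, as an added example that is not part of the original answer: the authorization code flow with PKCE (RFC 7636), where the app builds the redirect to the IdP and validates the redirect back. It assumes the app is loaded from an origin that can be registered as the redirect URI; the endpoint, client ID and redirect URI passed in are placeholders, and the function names are hypothetical.

```javascript
// Added example: OIDC authorization code flow with PKCE for a browser-only app.
// Uses Web Crypto; falls back to Node's webcrypto when run outside a browser.
const webcrypto = globalThis.crypto ??
  (typeof require === 'function' ? require('node:crypto').webcrypto : undefined);

const b64url = (bytes) =>
  btoa(String.fromCharCode(...bytes)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

const randomToken = (n = 32) => b64url(webcrypto.getRandomValues(new Uint8Array(n)));

// PKCE S256: challenge = BASE64URL(SHA-256(ASCII(verifier)))
async function pkceChallenge(verifier) {
  const digest = await webcrypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier));
  return b64url(new Uint8Array(digest));
}

// Step 1: build the redirect to the IdP. The returned `pending` record must be
// kept (for example in sessionStorage) until the IdP redirects back.
async function buildAuthRequest({ authzEndpoint, clientId, redirectUri }) {
  const pending = { state: randomToken(), nonce: randomToken(), verifier: randomToken() };
  const url = new URL(authzEndpoint);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: clientId, redirect_uri: redirectUri,
    scope: 'openid', state: pending.state, nonce: pending.nonce,
    code_challenge: await pkceChallenge(pending.verifier), code_challenge_method: 'S256',
  }).toString();
  return { url: url.toString(), pending };
}

// Step 2: on the redirect back, refuse any response whose state does not match
// the one this client generated (protects against forged or replayed callbacks).
function handleCallback(callbackUrl, pending) {
  const p = new URL(callbackUrl).searchParams;
  if (p.get('error')) throw new Error(`IdP returned error: ${p.get('error')}`);
  if (!pending || p.get('state') !== pending.state) throw new Error('state mismatch');
  const code = p.get('code');
  if (!code) throw new Error('no authorization code');
  // Parameters for the token request; the verifier proves this client started the flow.
  return { grant_type: 'authorization_code', code, code_verifier: pending.verifier };
}
```

The `nonce` in `pending` is meant to be compared with the `nonce` claim of the ID token once the token response arrives; that check and signature validation are outside this sketch.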