Reputation: 3683
Is it possible to have my 3rd party iOS app use a shared token from the Intune Company Portal app to bypass authentication? I'm able to do this between two 3rd party apps by logging into one of them and having the other one fetch the token silently from the iOS keychain. I'm using the MSAL framework for authenticating with Azure AD.
The apps are living on an MDM-managed (Intune) iOS device running iOS 12.
Upvotes: 1
Views: 1248
Reputation: 11
Have you looked into the MS Authenticator app to be used as a cross-app SSO broker? As far as I understand, the Company Portal app acts as a broker only for Android. Also, Authenticator seems to support only ADAL and not MSAL so far.
Upvotes: 1
Reputation: 3683
I opened up an issue on the MSAL GitHub asking about this. It turns out it's only possible to have keychain sharing between your own apps. This is a restriction set by Apple:
"Xcode automatically prefixes keychain groups with your team ID. This ensures that your groups are specific to your development team."
Taken from the official docs.
Upvotes: 1
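The team ID restriction described in the last answer can be checked from the signed entitlements of two apps. The following is an added example, not code from the thread or from MSAL: it compares the `keychain-access-groups` and `application-identifier` entitlements of two apps, and the team IDs, bundle IDs and group names in it are constructed placeholders.

```python
import plistlib

# Constructed sample entitlements, shaped like the plist that
# `codesign -d --entitlements :- <App>.app` prints for a signed app.
# Team IDs AAAAAAAAAA / BBBBBBBBBB and all bundle IDs are made up.
def _sample(team, bundle, groups):
    return plistlib.dumps({
        "application-identifier": f"{team}.{bundle}",
        "keychain-access-groups": [f"{team}.{g}" for g in groups],
    })

APP_ONE = _sample("AAAAAAAAAA", "com.example.one", ["com.example.shared"])
APP_TWO = _sample("AAAAAAAAAA", "com.example.two", ["com.example.shared"])
# A different vendor declaring the same group *name* under its own team ID.
OTHER_VENDOR = _sample("BBBBBBBBBB", "com.vendor.portal", ["com.example.shared"])

def access_groups(entitlements_xml):
    """Return the keychain access groups a signed app is entitled to."""
    ent = plistlib.loads(entitlements_xml)
    groups = set(ent.get("keychain-access-groups", []))
    # The app's own identifier is an implicit access group.
    if ent.get("application-identifier"):
        groups.add(ent["application-identifier"])
    # "$(AppIdentifierPrefix)..." means this is the project's source
    # .entitlements file, not the resolved entitlements of a signed build.
    unresolved = sorted(g for g in groups if g.startswith("$("))
    if unresolved:
        raise ValueError(f"unresolved build variables: {unresolved}")
    return groups

def shared_groups(ent_a, ent_b):
    """Access groups both apps hold, i.e. where keychain items can be shared."""
    return access_groups(ent_a) & access_groups(ent_b)

def team_ids(entitlements_xml):
    """Team ID prefixes appearing in an app's access groups."""
    return {g.split(".", 1)[0] for g in access_groups(entitlements_xml)}

if __name__ == "__main__":
    print("same team:     ", shared_groups(APP_ONE, APP_TWO))
    print("different team:", shared_groups(APP_ONE, OTHER_VENDOR))
```

Because the team ID is part of the group string, two apps signed by different teams never end up with a common access group, even when both declare the same group name.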