Reputation: 1332
How to maintain security context when calling SAP API from a native mobile app using OIDC?
I have an Identity Provider (IdP) that supports both SAML and OIDC protocols. Currently, I have integrated SAP BTP with the IdP using SAML for authentication (for the sake of the argument, it can be any other application using SAML protocol). Additionally, I have a native mobile app that interacts with the IdP using OIDC for user authentication within the app.
My objective is to call an API in SAP from the mobile app while maintaining the same security context that is established during OIDC authentication in the app.
QUESTION
How this can be achieved? Specifically, what steps or configurations are needed to ensure that the security context from the OIDC authentication in the mobile app is carried over when making API calls to SAP?
Any insights or examples illustrating this integration would be greatly appreciated. Thank you!
Upvotes: 0
Views: 50
Answers (0)
Related Questions
- How can I set RequestedAuthenticationContext in spring-security for ADFS?
- Configuring Multiple Identity Providers (IDPs) for SAML Authentication in Spring 5
- How to obtain token when using app based OIDC in in-app browser
- Using SAML Security Context for API Calls
- Insert OIDC IDP into existing SP SAML connection
- Why is OpenID Connect considered mobile friendly compared to SAML
- Proxy on top of OIDC IdP provider to accept SAML requests from service provider for SSO