When using MSAL library for authentication the app is redirecting the user to a webpage where they have to login with microsoft account. If the user already having Outlook or some other app installed then is there a way to get that login info like how FB app does it?
MSAL works best on iOS if the user has installed and configured the Microsoft Authenticator app. MSAL will launch that app instead of a web browser and the user can just tap their account to login.
If the device is managed by an MDM then you can [enable the enterprise SSO component>(https://github.com/AzureAD/microsoft-authentication-library-for-objc#microsoft-enterprise-sso-plug-in-for-apple-devices) to further simplify the login process.
Without the Authenticator app there is no way for your app to get any existing account authentication details.
Just a thought, but:
Azure AD messages are mostly standards based so you don't have to use MSAL libraries
You may get a better mobile solution with AppAuth libraries
Rather than a web page you could use the in app browser solutions, which feel integrated and have some good UX features:
Chrome Custom Tabs on Android
ASWebAuthenticationSession on iOS
In case any of this is useful, here are some links of mine, including code samples you can run:
Kotlin app for Android
SwiftUI app for iOS
Related
my company wants to implement SSO on an Android device, which is used by several employees over the day. We came accross MSAL and the use of the Authenticator App to implement SSO. As far as I understood, I need to put the device into "Shared Device Mode".
From what I read so far I am confused, if I therefor also need to use Intune to manage my Android device. Currently, we use another Mobile Device Management solution.
Can someone clarify to me, if I can use MSAL for SSO on an Android device in a Shared Device scenarion without using Intune?
I am very confused at the moment.
Best regards,
Marcel
• Yes, you can configure and use MSAL for SSO on an Android device in a shared device scenario without using Intune by following the below given documentation link. It clearly describes the steps for enabling shared-device mode for an android application and integrating MSAL with it for signing in and signing out a user.
https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-shared-device-mode
The above snapshots depict the MSAL authentication integration for an Android platform-based application in Azure AD and the associated ‘auth_config.json’ file configuration in the application setup files in which the Azure AD application registration details are configured. It also states that the shared device mode is supported for the MSAL authentication with SSO.
We are developing 10+ mobile apps for our organization's internal purposes. We use Azure AD so we are trying to implement SSO for all android apps using Microsoft identity platform(v2.0). We couldn't make Microsoft authenticator as the Broker app instead of the browser view.
Please help us on how to achieve this.
I checked out the Microsoft identity platform(v2.0) documentation regarding this but no use.
Looking at the MSAL for Android code, looks like you need to set the broker_redirect_uri_registered value to true in your auth_config.json (refer sample) file for the broker to be used.
PS: I haven't tried this myself either... yet.
I'm creating a mobile game using Godot for IOS and Android, firebase and facebook plugins are available for the android version only. Therefore it's not an option because I want to a cross platform solution.
I have a websockets server, I could use that to do the authentication (as a client to call facebook API). My only question is that would the user experience / process be the same? I think not, The user would have to sign in from the browser correct? He won't be able to just use the gmail installed on his phone or facebook, is that true?
I am currently working on a hybrid mobile app with Worklight and HTML5 stack. This app required a FB login functionality. I have implemented FB login mechanism into my app with FB Js SDK. Works fine if I view it inside mobile browser simulator, but when I deploy this app to the physical device, FB login buttons and functionality are not available (literally, they disappear from view).
Also, I want to display my FB login form in the same view instead of pop up window.
I wonder if using FB Js SDK is a good approach for hybrid app's? Or maybe should I use native code to build login mechanism?
I've tried the same approach you used with facebook js sdk. It seems that "facebook js sdk" is for web apps and the site you are implementing have to be on a host. have you tried the cordova plugin for that? if you are using cordova,
try this one https://github.com/Wizcorp/phonegap-facebook-plugin
and another great solution is OpenFBwhich bypasses the js sdk.
and for your pop-up window problem try InAPPBrowser. But all of these are for cordova/Phonegap. But if you using another platform, I don't know any other solution rather than using JSONP to retrieve the fb login page over a remote host everytime you use the app.
What I want to do is log my users in via Google in my mobile app powered by Phonegap on Android.
To do so I use firebase SimpleLogin module which logs me in correctly thanks to the "InAppBrowser" plugin.
My problem is that the webview powered by the InAppBrowser does not have access to my Google credentials. I have to tap them manually each time.
Is there a way to tell the webview how to automatically get my Google credentials from my phone so that I don't have to write them each time ?
Thanks
Probably not. If you're only using the browser for auth, consider using Google+ Sign-in for Android instead.
The browser on Android, like web browsers in general, runs in a sandbox. This means it does not have access to system resources such as Android's AccountManager. This is done on purpose for security reasons.