I am developing one iOS and one Android app and I need to implement SSO - Single Sign-On feature in both.
I have 'Company Portal' - Microsoft Intunes app installed already on my device.
Is it possible to use Intunes Login for my application? SO that I can skip independent login flow for my applications.
Please suggest solution for both platforms (iOS/Android)
I also tried integrating Azure Ad Sdk, but still my app ask for Login individually and not accepting/detecting Intunes App login, like Microsoft One Drive
You can use Microsoft Authenticator App broker for your solution.
User has to be install 'Microsoft Authenticator App' from App store.
Then Install 'Intune Company Portal' app
Try to login in Intune Company App, it will redirect to the Broker app for sign-in.
When user successfully logged in with Comapny app, then try to sign-in with your own app (Broker setting need to be do in app code).
Your app will redirect to Broker app for sign-in, and in broker app user has to be click/choose stored email id reference to auto sign-in without asking any password.
Check tutorial
Related
I have integrated the ms graph sdk for authentication but it always open in browser to authenticate, Can we do the ms graph auth with already installed outlook app or azure app in android without opening browser [same like google account chooser]
Are you using MSAL as this is the supported Android/JAVA library here. MSAL allows easier sharing of identity between apps for instance. https://github.com/AzureAD/microsoft-authentication-library-for-android
There is more details on single sign on here too https://learn.microsoft.com/en-us/azure/active-directory/develop/authorization-agents
I had developed 4 Apps.
Main App
App Alpha
App Beta
App Gama
All 4 Apps have same Login with email option, and user can login with same email address and password like Gmail, Google Keep and Google Photos do.
So, I want to make Login with Main App Options, So if user is signed in Main App in same device, when they click from other app's Login With Main App button, other app should communicate with Main App and get token from thek and do autologin for.[Same as FB messenger and FB Main app login functionality]
So How its possible in Android ?
Deeplink ? Shared Preference ? Or Any other technique ?
If I am understanding this correctly. Its because of the Facebook Login feature. If you already logged in with Facebook or connect that app to it. It is automatically logging in as long as the Facebook session on your phone is still active. Which on the phone it can last theoretically indefinitely until server maintenance in which is where they usually ask you to change your password.
So how does it log in? Built in framework to allow it to be done.
The code works properly from dev portal of microsoft. But can anyone please tell me how it should behave in following use case
Consider two apps: App1 and App2
I have developed same code and installed both apps simultaneously
App1 as launched first will ask me credentials for the webview. Thats fine. as I have not cache or already logged in till date.
Once I log in successfully, The apps works properly as auto login
Now when I open App2, it still throws me Login page. Ideally it should take cache of App1 and auto login.
Please note: I have provided same 'shared id' in both apps in manifest
Please let me know about thus as i am stuck with internal Single Sign on issue since long
I see you have tagged the question with ADAL, so I'll assume that's the library you're using. ADAL uses webviews to prompt for sign in. Webviews in Android do not share much state between apps, and are pretty much completely sandboxes (isolated and do not share session cookies, etc).
Now, you most definitely can achieve SSO for Android using ADAL, you have 2 options:
Brokered SSO
Using a broker application, like the Microsoft Authenticator, the end user basically signs in here such that they're able to maintain a session inside the Broker's sandbox. This allows any app that signs in Azure AD users to share state. The article linked above explains how to enable your app to use the broker.
Non-Brokered SSO
You can configure SSO between all of the apps you own. This means an end user will get SSO between App 1, App 2, App N, but not necessarily another App in the Azure AD ecosystem. The article linked above explains how to enable your app to use non-brokered SSO.
Bonus Option: v2 with MSAL
I said earlier ADAL uses webviews for sign in, there's another way to do it that the Microsoft Authentication Library (MSAL) supports using the system's browser. Quite simply, this uses the Chrome or a Chrome custom tab browser on the device rather than the in-app webview. Then, the session cookie is set on the global browser so any app that also uses the browser (or if the end user has used the browser natively to sign in) will get SSO. The stipulation here is MSAL works against the Azure AD v2.0 endpoint which has some limitations, but also supports some sign in with Microsoft Accounts (*.outlook, *.live, etc) out of the box.
If you're interested in trying v2 + MSAL, I recommend trying the Android Guided Walkthrough which walks you through how to build an app that calls the Microsoft Graph.
I created a PhoneGap app (IOS & Android) that uses login with Facebook. My back end server then verifies the Facebook token, gets the ID, email, name, etc.
I want to pay people who promote my mobile app for each user that installs the app.
I have tested login with Facebook on my website which would do the trick (ID from website login matches ID from app login), but it does not make sense to have people login on my website. I would need to give visitors some special incentive to do that.
I know Facebook has a pixel code, but I know they use it for their own gain only (I.E. CPI app ads).
I need a simple way to connect my affiliate driven visitor to an app install.
One thought is to cookie them and then open a webpage in the app to retrieve the cookie but they would need to open the page with the same web browser (I have 3 on my phone).
Any thoughts on how to easily do this?
You can use branch.io to power your deeplinks and referrals. they are able to manage multiple cases. For cordova/phonegap here is where you can start. https://github.com/BranchMetrics/cordova-ionic-phonegap-branch-deep-linking
We've built a web application which let you login with Facebook to get WiFi access. Since (i think) Android 4.4 you have this WiFi Signin dialog within Android.
If we use this 'popup' for signing in with Facebook, we are always redirected to the Facebook website.
Can we somehow force the application to first check for native Facebook apps before getting to the website?