Mobile Single-Sign-On

Session Topic: Mobile Single-Sign-On

Convener: Sascha Preibisch

Notes-taker(s): Sascha Preibisch


 * Topic: Mobile Single-Sign-On (MSSO)
 * goal: users should only log in to the first app using username/password. This app will receive an access_token and an id_token. The id_token will be shared with other apps. Other apps will reuse the earlier issued id_token to request their own access_token
 * target environment: enterprise apps, signed by the same developer key
 * what was discussed/shown:
   * explanation of how mobile single-sign-on can be implemented using OAuth, OpenID Connect and JSON Web Token (JWT)
   * client apps would keep their OAuth access_token for themselves but they would share the id_token
   * client apps would also share an app-generated private key which would be used for SSL with client authentication if it is required
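
The flow described in these notes, as an added example that is not code from the session or from the convener's implementation: a second app redeems the shared id_token for its own access_token while the server checks signature, expiry and audience. The JWT bearer grant type (RFC 7523), the HS256 demo key, the client ids and the dictionary standing in for shared storage are all assumptions.

```python
import base64, hashlib, hmac, json, secrets, time

SERVER_KEY = b"constructed-demo-key"  # assumption: HS256 keeps the demo offline
JWT_BEARER = "urn:ietf:params:oauth:grant-type:jwt-bearer"  # assumed grant (RFC 7523)
ENTERPRISE_CLIENTS = {"app-mail", "app-crm"}  # constructed client ids, same developer key

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(signing_input):
    return _b64(hmac.new(SERVER_KEY, signing_input.encode(), hashlib.sha256).digest())

def issue_id_token(sub, aud, now, ttl=300):
    """Server side: issued to the first app after the username/password login."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({"sub": sub, "aud": aud, "exp": now + ttl}).encode())
    return f"{head}.{body}.{_sign(head + '.' + body)}"

def verify_id_token(token, now):
    """Server side: check signature, expiry and audience before trusting claims."""
    try:
        head, body, sig = token.split(".")
        if not hmac.compare_digest(sig.encode(), _sign(f"{head}.{body}").encode()):
            raise ValueError("bad signature")
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    except ValueError as exc:
        raise PermissionError(f"invalid id_token: {exc}") from exc
    if claims["exp"] <= now:
        raise PermissionError("id_token expired")
    if claims["aud"] not in ENTERPRISE_CLIENTS:
        raise PermissionError("id_token not issued to an enterprise app")
    return claims

def token_endpoint(grant_type, assertion, client_id, now):
    """Another app redeems the shared id_token for its own access_token."""
    if grant_type != JWT_BEARER or client_id not in ENTERPRISE_CLIENTS:
        raise PermissionError("unsupported grant or unknown client")
    claims = verify_id_token(assertion, now)
    return {"access_token": secrets.token_urlsafe(16), "sub": claims["sub"], "client_id": client_id}

def run_flow(now=1_700_000_000):
    shared_store = {}  # stands in for storage only same-signed apps can read
    # App 1 logs in with username/password (not shown) and shares only the id_token.
    app1_access = secrets.token_urlsafe(16)  # kept private by app 1
    shared_store["id_token"] = issue_id_token("alice", "app-mail", now)
    # App 2 never sees credentials or app 1's access_token.
    app2 = token_endpoint(JWT_BEARER, shared_store["id_token"], "app-crm", now + 10)
    return app1_access, app2, shared_store["id_token"]
```

Because the id_token is readable by every app in the shared store, its lifetime and the server-side audience check bound what a compromised sibling app can obtain.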