Single sign on single native client windows phone using ADAL

178 views Asked by At

We have a windows phone native app (and building for android, iOS also) which uses ADAL to get token for ex:graph. ADAL is asking for credentials for the first time. Now inside of this native app on some frame we have a WebView control which launches another website (our own) or say login.microsoftonline.com which is asking to login again. How can I achieve SSO in this case and don't prompt login for the second time. Is there a way I can reuse the same WebView control which ADAL is using so the cookies will be shared. What are the alternatives in achieving this.

1

There are 1 answers

0
vibronet On BEST ANSWER

ADAL on Windows Phone does not use a WebView. It uses the WebAuthenticationBroker (WAB), a system API specifically designed to keep the cookie jar used during authentication isolated form the app itself. That prevents apps from using cookies to silently access protected resources without the user knowledge, while at the same time pooling the cookie jar across all the apps that use the WAB for authentication. Furthermore: there is no native app to browser SSO mechanism today. Hence, as of today there is no way of sharing SSO state between the app itself and a WebView hosted by the application.