[keycloak-user] iOS App login with Keycloak

Scott Rossillo srossillo at smartling.com
Fri Sep 30 16:50:01 EDT 2016 

Yes this is easily done on both platforms using custom URLs to handle the successful login response and then do code to token in the application. 

+ 1 for using the browser

Scott Rossillo
Smartling | Senior Software Engineer
srossillo at smartling.com

> On Sep 30, 2016, at 3:03 AM, Stian Thorgersen <sthorger at redhat.com> wrote:
> 
> +1 Using the system browser is the proper way. SSO and everything ;)
> 
> Not sure keycloak.js does it properly though as it doesn't have support for SSO AFAIK?
> 
> On 29 September 2016 at 12:14, Sebastien Blanc <sblanc at redhat.com <mailto:sblanc at redhat.com>> wrote:
> Let's be careful with using Webviews, for instance, Google will soon block any OAuth interactions that use the webviews ( https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html <https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html> ) , instead they recommand using the mobile browser. For Cordova apps, keycloak.js already works with inappbrowser that opens a "external" browser, isolated from the app. 
> 
> On Thu, Sep 29, 2016 at 11:35 AM, Stian Thorgersen <sthorger at redhat.com <mailto:sthorger at redhat.com>> wrote:
> I highly recommend using an embedded webview and not use native login and direct grant api. That is best practice both for Keycloak and OIDC in general.
> 
> On 26 September 2016 at 05:21, Joey <huazonglin at gmail.com <mailto:huazonglin at gmail.com>> wrote:
> Thanks Guys, sorry for reply so late. I will try your solutions later. thanks.
> 
> On Thu, Sep 22, 2016 at 8:39 PM, Thomas Darimont
> <thomas.darimont at googlemail.com <mailto:thomas.darimont at googlemail.com>> wrote:
> > Hello,
> >
> > I adapted an Android based OpenID Connect Demo Application to work with
> > Keycloak.
> > In Keycloak I created a confidential client with direct access grants as
> > Scott described.
> >
> > https://github.com/thomasdarimont/android-openid-connect/tree/feature/keycloak-oidc-demo <https://github.com/thomasdarimont/android-openid-connect/tree/feature/keycloak-oidc-demo>
> > See the recent commits in the feature/keycloak-oidc-demo branch.
> >
> > Cheers,
> > Thomas
> >
> > 2016-09-22 13:57 GMT+02:00 Scott Rossillo <srossillo at smartling.com <mailto:srossillo at smartling.com>>:
> >>
> >> You can do that using direct access grants if you search the docs for it.
> >> However, we have native apps and just skinned our login pages to be
> >> responsive and look great on mobile.
> >>
> >> The latter option is a better approach especially if you plan to implement
> >> 2FA.
> >>
> >> On Thu, Sep 22, 2016 at 6:27 AM Joey <huazonglin at gmail.com <mailto:huazonglin at gmail.com>> wrote:
> >>>
> >>> Hi Guys,
> >>>
> >>> We are building a system, including 3 subsystems for a big website.
> >>> and iOS and Android app. We use KeyCloak as the SSO server for all
> >>> subsystems, and then we also want to use KeyCloak for iOS and Android
> >>> as the login server. But for iOS, Android we want to use native login
> >>> page not the html page provide by KeyCloak adapter. but I read all
> >>> documents and discussions, I didnt find a way how to implement it.
> >>> Anybody can help me? thanks.
> >>>
> >>>
> >>> Joey
> >>> _______________________________________________
> >>> keycloak-user mailing list
> >>> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> >>> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> >>
> >>
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> >
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> 
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
> 
>

More information about the keycloak-user mailing list