<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0);">
<div>
<div>
<div><font face="Calibri,sans-serif" style="font-size: 14px;">The Google Identity team just open sourced some Open ID Connect libraries that use In-app tabs on Android and </font><span style="font-size: 12px; font-family: Monaco, 'Bitstream Vera Sans Mono', 'Lucida Console', Terminal, Consolas, 'Liberation Mono', 'DejaVu Sans Mono', 'Courier New', monospace; color: rgb(51, 51, 51); widows: 1; background-color: rgb(255, 255, 255);">SFSafariViewController</span><span style="color: rgb(51, 51, 51); widows: 1; background-color: rgb(255, 255, 255);"><font face="Calibri">
on iOS for secure, streamlined web workflows in-app.</font></span></div>
<div style="font-size: 14px; font-family: Calibri, sans-serif;"><br>
</div>
<div style="font-size: 14px; font-family: Calibri, sans-serif;">
<div><a href="https://openid.github.io/AppAuth-Android" target="_blank">https://openid.github.io/AppAuth-Android</a></div>
<div><a href="https://openid.github.io/AppAuth-iOS" target="_blank">https://openid.github.io/AppAuth-iOS</a></div>
</div>
<div style="font-size: 14px; font-family: Calibri, sans-serif;"><br>
</div>
<div style="font-size: 14px; font-family: Calibri, sans-serif;">-Jason</div>
<div style="font-size: 14px; font-family: Calibri, sans-serif;">
<div id="MAC_OUTLOOK_SIGNATURE"></div>
</div>
</div>
</div>
<div style="font-size: 14px; font-family: Calibri, sans-serif;"><br>
</div>
<span id="OLK_SRC_BODY_SECTION" style="font-size: 14px; font-family: Calibri, sans-serif;">
<div style="font-family:Calibri; font-size:12pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span><<a href="mailto:keycloak-user-bounces@lists.jboss.org">keycloak-user-bounces@lists.jboss.org</a>> on behalf of Stian Thorgersen <<a href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>><br>
<span style="font-weight:bold">Reply-To: </span>"<a href="mailto:stian@redhat.com">stian@redhat.com</a>" <<a href="mailto:stian@redhat.com">stian@redhat.com</a>><br>
<span style="font-weight:bold">Date: </span>Monday, March 7, 2016 at 12:11 AM<br>
<span style="font-weight:bold">To: </span>keycloak-dev <<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>>, "<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>" <<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>><br>
<span style="font-weight:bold">Subject: </span>[keycloak-user] Best practices for securing sign-in on mobile<br>
</div>
<div><br>
</div>
<div>
<div>
<div dir="ltr">
<div>Our Cordova apapter uses a webview (via cordova-plugin-inappbrowser) to open the login page. This results in no SSO between applications and it also has some security implications. A better approach is to use in app browser tabs when supported or fallback
to the system browser.</div>
<div><br>
</div>
<div>See <a href="https://www.youtube.com/watch?v=ppeU8yeI_ks">https://www.youtube.com/watch?v=ppeU8yeI_ks</a> for more details.</div>
</div>
</div>
</div>
</span>
</body>
</html>