Our Cordova apapter uses a webview (via cordova-plugin-inappbrowser) to
open the login page. This results in no SSO between applications and it
also has some security implications. A better approach is to use in app
browser tabs when supported or fallback to the system browser.
for more details.