[keycloak-dev] [keycloak-user] Best practices for securing sign-in on mobile
Stian Thorgersen
sthorger at redhat.com
Tue Mar 8 01:28:07 EST 2016
Have you tried AppAuth with Keycloak? If so I'd love to know how you got on
with it.
On 7 March 2016 at 18:28, Jason Axley <jaxley at expedia.com> wrote:
> The Google Identity team just open sourced some Open ID Connect libraries
> that use In-app tabs on Android and SFSafariViewController on iOS for
> secure, streamlined web workflows in-app.
>
> https://openid.github.io/AppAuth-Android
> https://openid.github.io/AppAuth-iOS
>
> -Jason
>
> From: <keycloak-user-bounces at lists.jboss.org> on behalf of Stian
> Thorgersen <sthorger at redhat.com>
> Reply-To: "stian at redhat.com" <stian at redhat.com>
> Date: Monday, March 7, 2016 at 12:11 AM
> To: keycloak-dev <keycloak-dev at lists.jboss.org>, "
> keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
> Subject: [keycloak-user] Best practices for securing sign-in on mobile
>
> Our Cordova apapter uses a webview (via cordova-plugin-inappbrowser) to
> open the login page. This results in no SSO between applications and it
> also has some security implications. A better approach is to use in app
> browser tabs when supported or fallback to the system browser.
>
> See https://www.youtube.com/watch?v=ppeU8yeI_ks for more details.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160308/142d4ad9/attachment-0001.html
More information about the keycloak-dev
mailing list