[keycloak-user] Best practices for securing sign-in on mobile

Stian Thorgersen sthorger at redhat.com
Tue Mar 8 01:28:07 EST 2016

Have you tried AppAuth with Keycloak? If so I'd love to know how you got on
with it.

On 7 March 2016 at 18:28, Jason Axley <jaxley at expedia.com> wrote:

> The Google Identity team just open sourced some Open ID Connect libraries
> that use In-app tabs on Android and SFSafariViewController on iOS for
> secure, streamlined web workflows in-app.
> https://openid.github.io/AppAuth-Android
> https://openid.github.io/AppAuth-iOS
> -Jason
> From: <keycloak-user-bounces at lists.jboss.org> on behalf of Stian
> Thorgersen <sthorger at redhat.com>
> Reply-To: "stian at redhat.com" <stian at redhat.com>
> Date: Monday, March 7, 2016 at 12:11 AM
> To: keycloak-dev <keycloak-dev at lists.jboss.org>, "
> keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
> Subject: [keycloak-user] Best practices for securing sign-in on mobile
> Our Cordova apapter uses a webview (via cordova-plugin-inappbrowser) to
> open the login page. This results in no SSO between applications and it
> also has some security implications. A better approach is to use in app
> browser tabs when supported or fallback to the system browser.
> See https://www.youtube.com/watch?v=ppeU8yeI_ks for more details.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160308/142d4ad9/attachment-0001.html 

More information about the keycloak-user mailing list