Implementing Single Sign-On (SSO) for Mobile
Below is the high-level diagram for the Mobile SSO User Experience flow.
Mobile SSO Qualifications
- Desktop SSO must be implemented.
- Please see: Implementing Single Sign-On (SSO) for Desktop for more information.
- Deem Mobile Application opens a secure and private In App Browser to initiate the SAML authentication flow.
- Both SP-Initiated and IdP-Initiated are supported.
- Mobile SSO uses the same Console Site SSO Configurations as Desktop SSO.
There are 2 Mobile specific settings, Enable Mobile SSO and Mobile Company SSO End Point, - The user account must exist and be active to login using Mobile SSO.
NOTE: Mobile SSO does not include profile provisioning like Desktop SSO. - Etta for IOS supports Hybrid SSO (both username and password and SSO authentication.
- If the site is configured for Hybrid SSO (both Username/Password and SSO authentication), then the Deem Mobile Application will only support SSO authentication.
Only users who have access to the customer's SSO Service will be able to sign in to the Deem Mobile Application.