Urgent! single-sign-on (SSO) Android and iOS (McDonald´s customer)

Hi,

Anyone have experience in implementing single-sign-on (SSO) Android and iOS? Or even if it´s possible.

I have been required by a big customer (McDonald´s) to supply this feature, so that their e-learning employees can log into our App without having to enter any login information.

They will insert into our database the employee login information, and we would need some routine to implement SSO when the user runs the APP, and compare it with our database user credentials.

Really need some help on this, 

Thanks in advance,

Rui Tito

the user needs to be identified at least once, thats inevitable.

google gives me this explanation:

Single sign -on ( SSO ) is a session and user  authentication  service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. … On the back end,  SSO  is helpful for logging user activities as well as monitoring user accounts

so it seem that this is not about logging in without entering login info, but about using the same login credentials across for all apps.

Cant understand why that would not be possible, unless we are talking about apps sharing login info on a single device across apps made by different engines and companies…that could be challenging.

SSO means you get authenticated without having to know user credentials but this requires a third party.

Think Facebook SSO, this allows the user to connect to FB services without your app “knowing” their username/password.

Thanks Guys,

The problem I have is that McDonald´s uses a SSO but not based in Facebook or any other social network.

I will ask them, hope to get a tech reply… I really do not have any idea what to call, even if they send me a credential with user data to our database.

Hi,

If McDonald’s does indeed have their own SSO system (which seems possible) there should be a couple of endpoints they can provide you to authenticate against. Basically you’ll send a request to an endpoint with some info (/authorize) is a common one, and they should send you back a token and info of some type.

Generally this info is provided on the “callback” url, which will contain info after the “#” in the url path. You’ll most likely need to pop a webView to do the auth and then grab and parse the callback url data.

You will need to talk with someone on their end to get the system implementation details. They should have no problem talking you through how their auth system works, and may even have it documented, as they must use it with other clients.

-dev

the user needs to be identified at least once, thats inevitable.

google gives me this explanation:

Single sign -on ( SSO ) is a session and user  authentication  service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. … On the back end,  SSO  is helpful for logging user activities as well as monitoring user accounts

so it seem that this is not about logging in without entering login info, but about using the same login credentials across for all apps.

Cant understand why that would not be possible, unless we are talking about apps sharing login info on a single device across apps made by different engines and companies…that could be challenging.

SSO means you get authenticated without having to know user credentials but this requires a third party.

Think Facebook SSO, this allows the user to connect to FB services without your app “knowing” their username/password.

Thanks Guys,

The problem I have is that McDonald´s uses a SSO but not based in Facebook or any other social network.

I will ask them, hope to get a tech reply… I really do not have any idea what to call, even if they send me a credential with user data to our database.

Hi,

If McDonald’s does indeed have their own SSO system (which seems possible) there should be a couple of endpoints they can provide you to authenticate against. Basically you’ll send a request to an endpoint with some info (/authorize) is a common one, and they should send you back a token and info of some type.

Generally this info is provided on the “callback” url, which will contain info after the “#” in the url path. You’ll most likely need to pop a webView to do the auth and then grab and parse the callback url data.

You will need to talk with someone on their end to get the system implementation details. They should have no problem talking you through how their auth system works, and may even have it documented, as they must use it with other clients.

-dev