Jump to: navigation, search

Changes

HowTo:Integrate UBIK in an SSO Environment

1,057 bytes added, 17 January
If there are further questions, support is available to help.
[[Category:How-To|Integrate UBIK in an SSO Environment]][[Category:SSO|Integrate UBIK in an SSO Environment]][[Category:Version 3.6|Integrate UBIK in an SSO Environment]]
== Login ==
</div></div>
[[Category:How-To|Integrate UBIK in an SSO Environment]][[Category:SSO|Integrate UBIK in an SSO Environment]][[Category:Version 3.6|Integrate UBIK in an SSO Environment]]
== Interfacing ==
'ClientID' : '{clientid}',
'ClientSecret' : null,
'RedirectURL' : 'com.augmensys.ubik://SSOsso/',
'Scope' : 'openid',
'UseAccessToken' : 'false'}
</syntaxhighlight>
 
{{Attention|The "RedirectURL" is needed so that the SSO login process can be redirected back to the client after authentication. When using the Xamarin clients, the custom protocol ("com.augmensys.ubik://sso/") might trigger a trust warning from some SSO providers (e.g. Entra), asking users to additionally confirm the login. If you want to avoid such warnings, it's possible to configure the so called "universal link" ("https://ubikapp.augmensys.com/sso/") as the RedirectURL instead. {{Version/XamarinSince|4.9}} This is not the case for the UWP client because there's no such trust warning problem and universal link is not properly supported on Windows anyway.}}
 
{{Hint|When using the universal link as the RedirectURL, the Xamarin iOS client needs to open the Safari browser in order to successfully complete the login process. If you see the browser stuck on the {{UBIK}} SSO page and that it does not redirect to the client, please set Safari as the default browser. And the Xamarin iOS client opens the Safari browser externally, because we found out that the redirect process requires user interaction even when the user has already previously logged in. (This is in line with what many others also experienced, like described in [https://stackoverflow.com/questions/44706216/universal-link-does-not-work-in-safari this example].) This means there will be a browser instance open in the background after you log in/out using SSO on a Xamarin iOS client, which is unfortunately a technical limitation until Apple changes their universal link support.}}
 
* Integrate client configuration in profile:
<syntaxhighlight lang="xml">
{{Hint|Entra requires a client secret for web applications (to be configured both in Entra as well as in the client profile's OIDC settings described above). For native/mobile applications, the client secret must be null though!}}
[[Category:How-To|Integrate UBIK in an SSO Environment]][[Category:SSO|Integrate UBIK in an SSO Environment]][[Category:Version 3.6|Integrate UBIK in an SSO Environment]]
== SAML ==
LGE
Bureaucrat, administrator
1,985
edits
Retrieved from "https://wiki.augmensys.com/index.php?title=Special:MobileDiff/27762"