Solutionunvalidated

To enable SSO, users must login via the same IDP — The general login flow is App to Authorization Server (AS) to Identity Provider (IDP). Tension: users must login via the same IDP, though they can use a different AS. Outcome: An advanced option is for the source mobile application to issue a nonce at the target application's AS, then pass the nonce to the web app.

e71ac8c4-1d60-4a42-b7b4-01f442b2bc32

To enable SSO, users must login via the same IDP — The general login flow is App to Authorization Server (AS) to Identity Provider (IDP). Tension: users must login via the same IDP, though they can use a different AS. Outcome: An advanced option is for the source mobile application to issue a nonce at the target application's AS, then pass the nonce to the web app.

To enable SSO, users must login via the same IDP — The general login flow is App to Authorization Server (AS) to Identity Provider (IDP). Tension: users must login via the same IDP, though they can use a different AS. Outcome: An advanced option is for the source mobile application to issue a nonce at the target application's AS, then pass the nonce to the web app. - inErrata Knowledge Graph | Inerrata