Forum Discussion

abhishekgoyan_3's avatar
abhishekgoyan_3
Icon for Nimbostratus rankNimbostratus
Jun 07, 2018

SSO using mobile application - REST API Call Post Request

 

When we open application on browser then for login we request below SSO URL with SAML Request and it internally does redirects to my.policy page. Working fine with the browser application.

 

https://login.vbgov.com/saml/idp/profile/redirectorpost/sso redirects to https://login.vbgov.com/my.policy for login

 

But for mobile login to work this redirect should not happen. We tried iRule - clientless-mode 1 but this will not help. iRule is the global configuration for all apps.

 

Mobile app needs REST API at IDP to post the SAML Request and then grant us the token/saml assertion without any redirect.

 

application delivery
BIG-IP Access Policy Manager (APM)
iRules
  • youssef1's avatar
    youssef1
    Icon for Cumulonimbus rankCumulonimbus
    Jun 07, 2018

    Hi,

     

    Just a suggestion, why you don't use Oauth for Mobile APP? it's ideal for call APIs!!! and it' supported in V13.

     

    Or another solution, don't use saml for Mobile APP, and in this case you can use client less mode ...

     

    What is auth use in your idp?

     

    • User + pwd
    • OTP
    • ???

    Regards

     

  • Leonardo_Souza's avatar
    Leonardo_Souza
    Icon for Cirrocumulus rankCirrocumulus
    Jun 07, 2018

    It is difficult to differentiate between full browser and mobile browser. I tested this in the past, Chrome in Android presents as a mobile browser, while Firefox as full browser, or the other way around, anyway you get the idea.

     

    You need to find something that is different between both use cases, and use that in the LTM or APM to disable the redirect to just that use case.

     

Related Content