11

Is there a sample application which I can refer to for SAML interactions on Android? Has anyone successfully ported/used OpenSAML on Android?

I am trying to write a simple app which would (instead of browser redirection) use native APIs to carry out SAML authentication.

Also, some pointers to a test environment where I can test SAML clients would help.

VishJ

1 Answer

10

If you need to authenticate your mobile app users against a SAML 2.0 IDP, then you would NOT build this into Android (or iOS). Best practice would be to have your mobile app use OAuthv2 and exchange a SAML Response generated by the IDP for your local SP/AS OAuth token. Essentially, the application would launch the WebView browser w/in your application to carry out the SAML Web SSO profile which would result in your AS giving your mobile app an OAuth token. It's not required to use OAuth in this type of scenario, but it will add security & standard support to your mobile application.

Ping Identity [Note: I do work for Ping] has done a ton of work to make SAML/OAuth quick and easy for SaaS Providers to implement (over 250 SaaS Providers and growing). Check out https://www.pingidentity.com/products/pingfederate/secure-mobile-access.cfm

HTH =- Ian

Ian
  • 1
    I am in need of writing a native Android solution to authenticate against enterprise services using SAML. – VishJ Aug 14 '12 at 01:01
  • So an SP app server is mandatory for a mobile app? There is no way without an SP? – lonelymo May 23 '15 at 18:30
  • Link is broken. – GDanger Jul 21 '17 at 18:12
  • Ian, my client uses Ping. Can you provide a link to *documentation* on how to implement the Android side of Single-Sign On using SAML 2.0? – Michael Osofsky Mar 18 '19 at 20:17
  • 1
    This Q&A is almost 7 years old. I'd suggest reframing your question with more information about your specific use case as a new question. – Ian Mar 19 '19 at 21:45
  • @Ian actually the same question still applies. Do you still work for Ping? Can you write a new answer here? Preferably just provide a link to official documentation. The client refuses to offer anything but SAML 2.0 for the app we have to build for them. – Michael Osofsky Mar 27 '19 at 19:05
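
As an added illustration of the flow described in the answer above (not part of the original post and not Ping Identity's code): plain Java (10+) for the step where the in-app WebView lands on the app's callback after the SAML Web SSO exchange at the SP/AS. It assumes the AS hands the result back as an OAuth 2.0 authorization code on a registered redirect URI; `com.example.app:/oauth/callback`, `example-mobile-client`, and the class and method names are hypothetical.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

public class SsoCallback {
    // Assumed values: the redirect URI and client id registered with the AS.
    static final String REDIRECT_URI = "com.example.app:/oauth/callback";
    static final String CLIENT_ID = "example-mobile-client";

    // Decode the query string of the URL the WebView was sent to.
    static Map<String, String> query(URI u) {
        Map<String, String> m = new HashMap<>();
        if (u.getRawQuery() == null) return m;
        for (String pair : u.getRawQuery().split("&")) {
            int i = pair.indexOf('=');
            if (i > 0) m.put(URLDecoder.decode(pair.substring(0, i), StandardCharsets.UTF_8),
                             URLDecoder.decode(pair.substring(i + 1), StandardCharsets.UTF_8));
        }
        return m;
    }

    // Returns the form body for the AS token endpoint, or throws if the
    // redirect is not the registered callback or does not match this login.
    static String tokenRequest(String redirectedTo, String expectedState) {
        URI u = URI.create(redirectedTo), cb = URI.create(REDIRECT_URI);
        if (!cb.getScheme().equals(u.getScheme()) || !cb.getPath().equals(u.getPath())
                || !java.util.Objects.equals(cb.getAuthority(), u.getAuthority()))
            throw new SecurityException("not the registered callback");
        Map<String, String> q = query(u);
        if (q.containsKey("error")) throw new SecurityException("AS error: " + q.get("error"));
        byte[] got = q.getOrDefault("state", "").getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(got, expectedState.getBytes(StandardCharsets.UTF_8)))
            throw new SecurityException("state mismatch");  // response is not for this login
        String code = q.get("code");
        if (code == null || code.isEmpty()) throw new SecurityException("no code");
        return "grant_type=authorization_code&client_id=" + CLIENT_ID
             + "&code=" + URLEncoder.encode(code, StandardCharsets.UTF_8)
             + "&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        String state = "n3Jx0aQ";  // constructed; generate with SecureRandom per login
        // Constructed redirects, as the AS would issue after the SAML Web SSO step.
        System.out.println(tokenRequest(REDIRECT_URI + "?code=SplxlOBe&state=" + state, state));
        try { tokenRequest(REDIRECT_URI + "?code=SplxlOBe&state=other", state); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

The SAML assertion itself never reaches the app in this arrangement: it is consumed at the SP/AS, and the app only sees the callback and the token it obtains with the returned body.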