Token-based authentication uses the value of the opaque field in HTTP headers or cookies to authenticate users.
The HTTP/HTTPS Authentication provider is always used for token-based authentication. The provider passes a token to the Web server that is integrated into the SSO system, and can validate the token and potentially return more information to SAP Mobile Platform Server about the user who owns the token. The provider may also return additional SSO credential material that the server can use with back-end systems to identify the user.
Once a token is validated, you can assign additional SSO credentials to the subject using the HTTP/HTTPS Authentication provider with the Populate JAAS Subject From Client, Kerberos, or Principal Propagation providers.