Token-Based SSO Authentication

With token-based SSO authentication, a customized client application can obtain a token from the SSO system using any means you designate. Token-based authentication is the most secure SAP Mobile Platform SSO scenario.

An SSO token is injected into the cookie jar of the SAP Mobile Platform client application, and is automatically forwarded to SAP Mobile Platform Server upon any request. Login processing proceeds the same as in network-edge authentication, with the added benefit that the server does not have access to a user's password, and therefore cannot leak it if compromised.