Token-Based SSO Authentication

With token-based SSO authentication, a customized client application can obtain a token from the SSO system using any means you designate. Token-based authentication is the most secure SAP Mobile Platform SSO scenario.

An SSO token is injected into the cookie jar of the SAP Mobile Platform client application, and is automatically forwarded to SAP Mobile Platform Server upon any request. Login processing proceeds the same as in network-edge authentication, with the added benefit that the server does not have access to a user's password, and therefore cannot leak it if compromised.

Note: To ensure that SAP Mobile Platform Server knows who a user is after a successful SSO-based login, in Management Cockpit, select Check Impersonation in the security profile settings. In token-based authentication, the user identity (Principal) may be returned to the HTTP/HTTPS Authentication provider as an HTTP header.
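
The flow described above, modeled offline as an added example (not SAP code and not part of the original documentation): the client's cookie jar attaches the token, and the server resolves it to a Principal without ever handling a password. The cookie name, header name, URL, token table, and the modeling of Check Impersonation as a comparison between the claimed user name and the token's Principal are all assumptions made for illustration.

```python
import http.cookiejar
import http.cookies
import urllib.request

# Every name here is an assumption for illustration, not an SAP Mobile Platform identifier.
TOKEN_COOKIE = "SSO_TOKEN"        # hypothetical cookie name
PRINCIPAL_HEADER = "X-SSO-User"   # hypothetical header carrying the Principal
SERVER_URL = "https://smp.example.test/odata/app"  # constructed URL
# Constructed stand-in for the SSO system: token -> headers of its validation response.
SSO_SESSIONS = {"tok-1234": {PRINCIPAL_HEADER: "alice"}}


def client_request(token):
    """Client: inject the token into the cookie jar; no password is sent."""
    jar = http.cookiejar.CookieJar()
    jar.set_cookie(http.cookiejar.Cookie(
        version=0, name=TOKEN_COOKIE, value=token, port=None, port_specified=False,
        domain="smp.example.test", domain_specified=True, domain_initial_dot=False,
        path="/", path_specified=True, secure=True, expires=None, discard=True,
        comment=None, comment_url=None, rest={}))
    req = urllib.request.Request(SERVER_URL)
    jar.add_cookie_header(req)  # the jar attaches the cookie on its own
    return dict(req.header_items())


def server_authenticate(headers, claimed_user, check_impersonation=True):
    """Server: resolve the token to a Principal; returns the accepted user or None."""
    cookie = http.cookies.SimpleCookie(headers.get("Cookie", ""))
    if TOKEN_COOKIE not in cookie:
        return None                       # no token presented
    sso_response = SSO_SESSIONS.get(cookie[TOKEN_COOKIE].value)
    if sso_response is None:
        return None                       # token unknown to the SSO system
    principal = sso_response.get(PRINCIPAL_HEADER)
    if not check_impersonation:
        return claimed_user               # assumed model: claimed name is trusted
    # Assumed model of the check: the claimed user must match the token's Principal.
    return principal if claimed_user == principal else None


if __name__ == "__main__":
    headers = client_request("tok-1234")
    print(headers)                                     # only a Cookie header
    print(server_authenticate(headers, "alice"))       # accepted
    print(server_authenticate(headers, "bob"))         # rejected: name != Principal
```
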