How to Use Conditional Authentication Cookies in Mobile Apps
As part of defining the organization’s authentication infrastructure, you would like to protect certain resources that mobile apps might need to use and limit the access to those resources by having the user authenticate with one of the SSO providers or supported protocols. The application then needs to go through authentication when it tries to access a protected resource. When authenticating, cookies from the app won’t be sent to the authentication server, but if needed, then activating this feature will do just that. For example, if the app receives a cookie from the login URL, then if Conditional Cookies is activated, that cookie will be sent to the Hub URL and Token URL during the login process. This Knowledge Base article explains how use conditional authentication cookies in mobile apps.
How to Use Conditional Authentication Cookies in Mobile Apps
Appdome is a no-code mobile app security platform designed to add security features in mobile apps.
Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps without coding. When a user clicks “Build My App,” Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.
Using Appdome, there are no development or coding prerequisites to build secured apps. There is no SDK and no library to manually code or implement in the app. The Appdome technology adds the relevant standards, frameworks, stores, and logic to the app automatically, with no manual development work at all.
Likewise, there are no required infrastructure changes and no dependency on SAML, OAuth, OpenID Connect or any other authentication standard inside the app. The Appdome technology can send cookies from the app to the authentication servers, and more to the app automatically, with no manual development work at all. Using Appdome, mobile apps will be able to send cookies to the authentication servers as if it was natively coded to the app.
As part of defining the organization’s authentication infrastructure, you would like to protect certain resources that mobile apps might need to use and limit the access to those resources by having the user authenticate with one of the SSO providers or supported protocols. The application then needs to go through authentication when it tries to access a protected resource. After authenticating the application receives a token with which it can authenticate further, without the need for user interaction, until the token expires. This means that after authentication, the token needs to be passed along with requests the Application makes for the resource.
Appdome allows you to easily choose the authentication provider/scheme and define which resources should be protected. Once the application is built the authenticator will be activated automatically when needed and the token will be managed by Appdome and passed to requests as needed. Furthermore, Appdome will automatically recognize when the token has expired and will require authentication again.
Disabling Conditional Cookies ensure that tokens are sent with any protected resource, regardless of its domain.
Having ConditionalCookies enabled for an application built of SSO will mean that tokens are sent only with requests that match the authentication domain.
In order to use Appdome’s no code conditional cookies on Appdome, you’ll need:
- Appdome account
- Mobile App (.ipa for iOS, or .apk or .aab for Android)
- Choose an authentication provider of the supported providers or use Mobile Enterprise Authentication by Appdome. To learn more about the supported services please visit Appdome for Single Sign On knowledge base.
4 Easy Steps to Use Conditional Authentication Cookies in Mobile Apps
Follow these step-by-step instructions to add Conditional Cookies to any mobile Application:
Upload a Mobile App to Your Account
Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.
From the “Build” tab, Add Conditional Cookies
Select the Build Tab. Note: a blue underline will appear showing the step is active
Beneath the Build Tab, you will find several service options. Select Authentication. Note: a blue highlight will appear showing the category is active.
- Configure your desired SSO provider as described in Appdome for Single Sign-on
- Open the Scheme drop-down list named Appdome SSO+ Suite
- In the Appdome SSO+ Suite, enable Conditional Cookies
- When finished, click Build My App.
The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each application and match the application to the relevant code-sets needed to add conditional cookies to the mobile app in seconds.
Congratulations! You now have a mobile app fully integrated with conditional cookies.
After Adding Conditional Cookies to a Mobile App on Appdome
After you have added Conditional Cookies to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project. Read this Knowledge Base article to learn what to do after you successfully build an app. It explains both optional steps and required steps.
That is it – Enjoy Appdome for conditional cookies in your application!
How Do I Learn More?
Check out the Appdome blog or request a demo at any time.
To zoom out on this topic, visit Appdome for Mobile Identity on our website.
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.
Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.