Symantec Access Management

Expand all | Collapse all

seamlessness from mobile app to web browser via Layer7 and SM

Jump to Best Answer
  • 1.  seamlessness from mobile app to web browser via Layer7 and SM

    Posted 10-21-2016 04:23 PM

    I have a scenario where I need to allow seamlessness from mobile app to web browser (on same device) where the webapp is integrated with SiteMinder. we have Layer7 as OAuth AZ provider.

     

    I was hoping that there is a way to call an endpoint directly (like /affwebservices/public/oauthtokenconsumer) on Ca WAOPACK/SPS with Access Token from mobile app thereby getting an SMSESSION and redirect the user to web app integrated with SiteMinder/Ca SSO. Is this a possibility ? 



  • 2.  Re: seamlessness from mobile app to web browser via Layer7 and SM
    Best Answer

    Posted 10-27-2016 06:09 PM

    Hi, 

     

    If I understood your use case correctly, your use case may not be related to L7 or CA SSO.

    It's a question whether the mobile app can interact with mobile browser on the same device.

     

    Your mobile app does some actions and gets a token.

    You want this token to be shared with your mobile browser so you would achieve a seamless SSO between your mobile app and mobile browser.

     

    There is a mobile app called "LastPass" which stores your credentials and it is able to enter/submit your credentials on other mobile apps as well as the mobile browser.

     

    So, it does appear what you are trying to achieve is very much possible.



  • 3.  Re: seamlessness from mobile app to web browser via Layer7 and SM

    Posted 11-11-2016 11:41 AM

    Hello Sung, thanks for above post. 

    In our scenario, we need to move SMSession value from a web browser into mobile app native development environment.

    We are able to login successfully into siteminder protected environment and do have smsession value in browser. But in native app code, when try to connect via rest api, it is giving 302 error. Basically looking for smsession value. How do we transfer/migrate SMSession cookie value so it does accept API calls?