SAML SSO Hybrid app problem

Hi Guys,

I've followed this how-to https://docs.mendix.com/howto/mobile/implement-sso-on-a-hybrid-app-with-mendix-and-saml to enable users to authenticate with their own IdP.

The logging in works fine, but I experience some issues.

After the redirect from the IdP the InAppBrowser window does not seem to close. So you are redirected to the URL of your app instead of to your hybrid app. When you exit the app by pushing the home button and opening it again, the hybrid app is opened and the 'mx-authtoken' key is stored in the local storage, so that works OK.

When closing the app via double home button click and swipe up, the app redirects you to the IdP again. Rebooting the iPad has the same effect. This should not happen, right?

The first issue isn't that big, just close the app and reopen fixes it. The second issue is bigger. We don't want users to have to log in that often. Did I miss something in the configuration or is this a bug? Mendix version is 7.18.1 and running on an iPad with iOS 12.0.
1 answers

First, make sure that SAML redirects to the same URL as the URL where the app started. If you start the app using a custom URL and SAML returns with a .mendixcloud.com URL, then the InAppBrowser will not close.

Second, make sure you have a recent SAML20 module and in the runtime configuration enable the checkbox "Enable mobile authentication data". If you use the Dutch language, note that the checkbox has a wrong label: it is then the second checkbox named "Enable delegated authentication". If this is not checked (or you have an older SAML20 module) then the hybrid app will not receive a token and the InAppBrowser may not close because of a bug in the JavaScript.

Third, the above-mentioned bug was recently fixed by Mendix by updating the JavaScript code mentioned here: https://docs.mendix.com/howto/mobile/implement-sso-on-a-hybrid-app-with-mendix-and-saml. I advise you to revisit that page and use the new JavaScript code.

Does this help?

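The first check from the answer above, written out as an added example (not part of the original thread and not Mendix's own JavaScript): it compares the origin the hybrid app started from with the origins visited during the SAML round trip. The function names, the result fields and every URL are constructed for illustration.

```javascript
// Added diagnostic sketch. All URLs are constructed samples, not real endpoints.

// Parse a URL into the parts that matter for a same-origin comparison.
// The WHATWG URL parser lowercases the host and drops default ports (443 for https).
function describe(rawUrl) {
  const u = new URL(rawUrl); // throws on malformed input
  return { raw: rawUrl, origin: u.origin, hostname: u.hostname };
}

// appStartUrl: the URL the hybrid app was started with.
// visitedUrls: URLs the in-app browser loaded during login, in order.
function checkSamlReturn(appStartUrl, visitedUrls) {
  const expected = describe(appStartUrl).origin;
  const visited = visitedUrls.map(describe);
  // Index of the first hop away from the app (normally the redirect to the IdP).
  const leftAt = visited.findIndex((v) => v.origin !== expected);
  // Index of the first hop back to the app origin after leaving it.
  const returnedAt = leftAt === -1
    ? -1
    : visited.findIndex((v, i) => i > leftAt && v.origin === expected);
  const last = visited[visited.length - 1];
  return {
    expectedOrigin: expected,
    finalOrigin: last.origin,
    returnedToApp: returnedAt !== -1,
    // The case named in the answer: custom start URL, SAML returns on mendixcloud.com.
    finalOnMendixCloud: last.hostname.endsWith(".mendixcloud.com"),
  };
}

// Constructed login trace: started on a custom domain, SAML returned elsewhere.
const sampleTrace = [
  "https://app.example.com/login",
  "https://idp.example.org/saml/sso?SAMLRequest=constructed",
  "https://myapp.mendixcloud.com/index.html",
];
const sampleResult = checkSamlReturn("https://app.example.com/", sampleTrace);
console.log(sampleResult);
if (!sampleResult.returnedToApp) {
  console.log(
    `SAML returned to ${sampleResult.finalOrigin}, expected ${sampleResult.expectedOrigin}`
  );
}
```

A `returnedToApp` of `false` points at the SAML configuration (the URL the IdP sends the user back to) rather than at the hybrid app itself.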