Skip to Content

Fiori Mobile Client (iOS) with Single Sign On options using IDP/SAML

We are looking to integrate our IDP (Provided by OKTA) and SAP Fiori Mobile Client on iOS to implement the single sign on functionality.

  • We are able to access FLP using Fiori Client and OKTA – but OKTA requires sign-in when the session ends, or when the app is closed and started again. (the SAML ticket is not persistent)

I was wondering if any one has had success in customizing the Fiori Client such that the SAML ticket could be made persistent when the app is closed?

Signing-in to the IDP everytime the app is opened is not a preferred way.

Additional question - If the Fiori Client were to receive push notifications - how does unavailability of persistent connection with the back-end affect the ability to receive notifications on the device?

    Add a comment
    10|10000 characters needed characters exceeded

    Related questions

    2 Answers

    • Posted on Sep 28, 2018 at 08:40 PM

      Hi, unfortunately I don't have an answer for you, but I'm working in a similar topic. I was thinking to do something in between your points 1 and 2. My understanding is that okta provides MDM features, so an x.509 scenario could be viable. Did you explore this option?

      Also, in your point number 1, when you say "We are able to access FLP using Fiori Client and OKTA – but OKTA requires sign-in when the session ends, or when the app is closed and started again. (the SAML ticket is not persistent)" Are you using the pre-integrated SAP Fiori client that okta has in the Okta applications network? Does not it have persistence for the SAML certificate?

      Now a question of curiosity, how is the experience from user perspective for your first integration with okta. Do they have to log in to the browser and then run the SAP fiori client, or you are using the Okta mobile app to allow you to use the native fiori client? Please let me know how does it work from user prospective, it is curiosity because I will be soon working with your same topics.

      By the way, it is always possible to create a custom client to manage the persistence, although it is something you will also want to avoid.

      Let me know your progress.

      Thanks,

      Fernando

      Add a comment
      10|10000 characters needed characters exceeded

    • Posted on Oct 25, 2019 at 03:00 AM

      Hi Arihant,

      i was wondering if you were able to solve your problem?

      Add a comment
      10|10000 characters needed characters exceeded

    Before answering

    You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
    You must be Logged in to submit an answer.

    Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.