We have following requirement: We already have a web app using SAML, now we are going to implement Okta login in IOS mobile application. I got the following link from your web site "https://developer.okta.com/use_cases/mobile/okta_mobile_connect " In that its mentioned like.
To work with Okta Mobile Connect, your mobile app needs to meet the criteria below:
- It must support SAML authentication via an embedded web view that allows any URL to be called from inside the embedded web view.
- It must have a URI scheme registered for the app that only returns the app to foreground when called.
I got a link which mentioned like # WebViews are bad — Use AppAuth for Mobile Single Sign-On.
Ques. As you mentioned in (1), using embedded web view makes any security issue ?