Is there a standard or proven model to authenticate in an sso manner various apps on the same device?
Suppose we have two apps on device that require same login/password credentials to authenticate to the same system.
We want to be able to:
– launch app1
– log in into app1
– launch app2. In the app2, user is already authenticated.
We think to a “pop” model where the first app that does the login, shares authentication’s info (e.g. a token). The second app, gets (pop) the token to do sso.
Is there some side effects on this model?
Please consider using intents, with only one of the app responsible for authentication. Others will invoke the application responsible for authentication and sso.
http://developer.android.com/reference/android/content/Intent.html
http://www.vogella.com/articles/AndroidIntent/article.html#intents_overview
Your suggested method is similar to the one used by facebook sdk for android for sso, read here
https://developers.facebook.com/docs/mobile/android/build/#enablesso
And if facebook is using it, should be field tested and proven.