Edusign

This article aims to explain how Single Sign-On (SSO) works in Webviews and MicroApps, highlighting the differences in session persistence and authentication mechanisms.

___________________________________________________________

A Webview is a component integrated into a mobile application that allows displaying web content. It acts as an embedded browser, providing a smooth user experience without leaving the app.

A MicroApp is an autonomous feature embedded in a main application. It generally interacts with backend services via APIs, without requiring a web interface.

In a mobile application, a single instance of Webview is generally used. This means that:

Session cookies are shared among different Webviews.

Once the user is authenticated via SSO in a Webview, the session remains active for other services accessible via Webview, as long as the session has not expired.

- Session cookies are shared among different Webviews.
- Once the user is authenticated via SSO in a Webview, the session remains active for other services accessible via Webview, as long as the session has not expired.

For example, if a student logs in to a housing service via SSO in a Webview, they will not need to reconnect to access another service using the same instance of Webview.

Session persistence depends on the validity of the cookies. If the cookies expire or are deleted, re-authentication will be necessary.

Webviews do not share cookies with external browsers. Thus, an active session in a Webview is not recognized in the device's native browser, and vice versa.

- Session persistence depends on the validity of the cookies. If the cookies expire or are deleted, re-authentication will be necessary.
- Webviews do not share cookies with external browsers. Thus, an active session in a Webview is not recognized in the device's native browser, and vice versa.

MicroApps do not rely on Webviews for authentication. Instead, they use Machine-to-Machine (M2M) mechanisms to interact with backend services.

The mobile app acts as a trusted client, authenticating with the backend service via access tokens obtained through the OAuth 2.0 Client Credentials flow.

No user interaction is required for authentication, as credentials are exchanged directly between machines.

- The mobile app acts as a trusted client, authenticating with the backend service via access tokens obtained through the OAuth 2.0 Client Credentials flow.
- No user interaction is required for authentication, as credentials are exchanged directly between machines.

This mechanism is particularly suited for services requiring secure communication between applications, without human intervention.

📊 Comparison between Webviews and MicroApps

- Ensure that session cookies are properly managed and persistent to maintain the SSO connection.
- Inform users that the session may expire and re-login might be necessary.

- Use access tokens with appropriate lifespans to balance security and performance.
- Implement token refresh mechanisms if necessary.

- Webviews:
 - Ensure that session cookies are properly managed and persistent to maintain the SSO connection.
 - Inform users that the session may expire and re-login might be necessary.
- MicroApps:
 - Use access tokens with appropriate lifespans to balance security and performance.
 - Implement token refresh mechanisms if necessary.

Understanding the differences between Webviews and MicroApps in terms of SSO can help you choose the solution best suited to your needs, ensuring a seamless and secure user experience.

<a href="https://help.edusign.com/fr/articles/9595978-tout-savoir-sur-les-sso">All about SSO</a>

🔐 Understanding SSO Connection in Webviews and MicroApps

Developer API

Blog

Website

Webinaires

Podcast

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Characteristic	Webview	MicroApp
Authentication Type	SSO via embedded browser	M2M Authentication via API
Session Persistence	Depends on session cookies	Managed by access tokens with expiration
User Interaction	Requires initial login action	None, everything is managed in the background
Session Sharing	Possible between Webviews in the same instance	Not applicable

🔐 Understanding SSO Connection in Webviews and MicroApps

🎯 Objective

🧭 Key Definitions

Webview

MicroApp

🔐 SSO Functionality in Webviews

🔄 Session Sharing

⚠️ Limitations

🤖 SSO Functionality in MicroApps

🔐 M2M Authentication

📊 Comparison between Webviews and MicroApps

✅ Best Practices