SAML authentiction in Native iOS Mobile App

Rijesh K R 26 Reputation points
2020-06-12T06:14:19.147+00:00

I have been searching for a quite long time, whether SAML Authentication is available for the Native iOS Mobile App. I found some workarounds using an embedded web view we can present SAML login service to the app user. If this is the case, how will I get the token from the identity provider (my case Azure AD is the IdP)?

Does anybody have any solution please let me know.

Thanks in Advance

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,465 questions
0 comments
Accepted answer
  1. JamesTran-MSFT 36,371 Reputation points Microsoft Employee
    2020-06-16T19:39:52.723+00:00

    @RijeshKR-3930

    When it comes to SAML authentication for iOS, I was able to find a previous Q&A question which was answered a few months ago. I'll post my colleagues answer below:

    MSAL doesn't support SAML. The authentication flows provided by Microsoft Authentication Library (MSAL) are documented here: https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows.

    • Identifier (Entity ID) : Here you need to specify the issuer of the SAML request. If you check the SAML request, you will find Issuer parameter with a URL. You need to specify that exact URL as Identifier (Entity ID) under Single Sign-On blade of your enterprise application.
    • Reply URL (Assertion Consumer Service URL): This is the URL where the SAML token will be posted after successful authentication. It should match with the Assertion Consumer Service URL in your SAML request.

    You may refer to the sample SAML IOS app, if that helps.

    If you'd like to provide a feature request regarding SAML authentication for Native iOS Mobile Apps, you can do so using our feedback link, here.

    Please let us know if any reply/answer helped resolve your question. If so, please remember to "mark as answer" so that others in the community facing similar issues can easily find a solution.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 36,371 Reputation points Microsoft Employee
    2020-06-15T20:18:32.537+00:00

    @RijeshKR-3930

    I was able to look into your issue and found a similar question asked on Stack Overflow. As you stated, the mentioned workaround, is the same when it comes to using an embedded web view.

    To hopefully answer your question - how will I get the token from the identity provider (my case Azure AD is the IdP)?

    Hopefully this helps answer your question.

    Additional Links:

    How SAML works

    Microsoft Identity platform documentation