BPM Mobile SSO

Andrew Dearden · September 3, 2013

I have just installed BPM Mobile 2.0 in one of our environments, which has BPM 9.2.0.1. I can log in to the system by typing a username and password (from eUser) on the screen which the Mobile app presents.

My question is: would it be possible to implement some form of Single Sign On for the Mobile app? In other words, I would like the user to receive a single prompt for their Active Directory username and password and for this to be processed by the SAP scripts already configured for our environment.

Is this possible, or how else can I validate the credentials for Mobile against AD?

I have observed that our standard SSO script is executing and rejecting the login because the ClientType is blank rather than "WEB;SSO". It then falls through to the eUser.js which looks at eUser and succeeds.

Brian Mellert · September 3, 2013

I believe Mobile 9.3 (for MBPM 9.3) is the first installation to support mobile SSO, with the following (from the release notes):

5 Supported Environments for SSO

SSO is supported on the following environments:
• Desktop browsers

• Windows Phone devices

• iOS devices

• Android devices with operating system version 4 and newer
SSO is not supported on the following devices:
• Blackberry devices

• Android devices with operating system older than version 4

Andrew Dearden · September 3, 2013

Thanks for the info. Unfortunately, most of our users have Blackberrys! Moving to BPM 9.3 isn't something we could do in the short term either.

I'm going to see what I can do with SAP scripts. Do you know if there's any way of telling in a SAP script that this is the Mobile app? As I said in my original post, the ClientType seems to be blank.

Gareth_Jackson · September 3, 2013

Hi Andrew

Could you not use the fact that client type is blank to determine that it is mobile in the short term until 9.3 is feasible.

Gareth

BPM Mobile SSO

Comments

Categories