Configuring Corporate Single Sign On
App Portal 2020 R1
In previous releases, access to the App Portal app store was limited to domain-authenticated users only. Starting with App Portal 2016, you can configure single sign-on authentication for your users using your corporate single sign-on system, enabling them to access the App Portal app store on-the-go from locations outside the corporate network or VPN.
Single sign-on authentication is supported when using the both the standard App Portal user interface and the mobile interface.
Single sign-on is configured on the Site Management > Settings > Single Sign On view, where you can separately specify settings for both the Standard User Interface and the Mobile User Interface (SAML 2.0 only).
Site Management > Settings > Single Sign-On View
App Portal provides support for the following single sign-on authentication types:
Type |
Description |
SAML 2.0 |
SAML (Security Assertion Markup Language) 2.0 is an XML-based, open-standard data format for enabling web browser single sign-on. See Configuring SAML 2.0 Authentication. Note:SAML 2.0 is the only type of single sign-on authentication type supported by the App Portal mobile interface. |
OAuth 2.0 |
OAuth is an open standard for authorization, commonly used as a way for users to log in to third party websites using their Google, Facebook, Microsoft, Twitter, etc. accounts without exposing their password. See Configuring OAuth 2.0 Authentication. Note:Not supported by the App Portal mobile interface. |
OpenID Connect |
OpenID is an open standard and decentralized authentication protocol which allows users to be authenticated by co-operating sites (known as relying parties) using a third-party service. See Configuring OpenID Connect Authentication. Note:Not supported by the App Portal mobile interface. |
Custom |
To implement a custom single sign-on authentication type, you would need to write a custom SSL page (.aspx) to redirect to. App Portal is installed with a boilerplate custom SSL page named CustomSignon.aspx, which your services team can customize for your organization. See Configuring Custom Authentication. Note:Not supported by the App Portal mobile interface. |
Important:When using single sign-on, App Portal needs to be configured to run with anonymous authentication in IIS. By default, Windows Authentication is selected.
See Also
App Portal / App Broker 2020 R1 Administration GuideAugust 2020 |