I am trying to log in on external application by bypassing its login page.
Scenario is : User logged in on Mobilefirst application on iOS/ Android device. This has been authenticated from AD (Active Directoy). Now he clicks on a link of an external application which is on a different domain and has a login page. But this is also lined with the same AD. I want to call that application without entering username/pswd again on its login page.
How can I do that?
The scenario asked is possible if during authentication (within the SecurityCheck), Active Directory returns a cookie or a token that will identify this user. If there is such an option, this token can be sent to the client when MFP authentication completes at the security check.
Later , when you are accessing the external application link, you can pass on the token/value received earlier and that should technically log you in ( if it is valid and not expired).If it is accepted in a specific header, this header and its value can be set when making the request to external application.
All this is subject to the presence of such a token and how it can be passed.
