Google Identity Platform SAML setup for mobile applications

2
votes

I have successfully set up SAML on my react web app with Google Identity Platform and the redirection works when logging in with my test account with Okta(Identity Provider). There is no documentation for mobile SAML setup for Google Identity Platform. Is there any way to set this up or customize the redirect behavior so that it redirects to a mobile URL scheme? (for example, my-apps-bundle-id://saml-sign-in)

1
firebase-authenticationsingle-sign-onsamlgoogle-identity
Did you try setting the required redirect target in the RelayState on OKTA and see if it is honored by the app?Sergio Pulgarin
What will I set the RelayState? Can you give me an example.Cenk Yurtbilir
According the SAML2 protocol, the RelayState can be used to redirect users after authentication happens. I'm not 100% sure that it will work, but try looking for the Relay State parameter on OKTA and set it to the mobile URL scheme that you want. You can use the web inspector [Preserve logs] to see if OKTA sent this parameter in the SAMLResponse to the ACS endpoint.Sergio Pulgarin
I think RelayState works for IdP initiated flows. And not sure it is used for redirecting to mobile appsCenk Yurtbilir

1 Answers

2
votes

It's not yet supported by Firebase for native apps. The "classic" approach is to use a secure equivalent of a web view: SFSafariViewController in iOS9+ or Chrome Custom Tabs in Chrome 45+