I need to integrate Azure login into a mobile application. Currently, we have internal OutSystems authentication logic, and we want to find a way to switch to Azure AD authentication, but we need to be able to save the credentials as we do with the current logic. We need a way to store the credentials to later integrate authentication with Touch ID and Face ID in the same application (Touch ID Plugin).
Typically, when implementing biometric authentication, we encrypt the username and password and use them for login validation. I'm familiar with this process in a standard application configuration. However, I don't know how to do this using SSO, which relies on a browser integrated into the application for authentication.
Could you guide me on how to implement biometric authentication in this SSO scenario?
Thank you.
I've not implemented anything like this before, but it seems to me that what you need to do is no longer 'save the username and password so you can use them when the biometrics check passes'; instead, with SSO you'll refresh or issue a new token once the user passes the biometric check.
With OutSystems log on:
First log in OK -> encrypt and store credentials
Subsequent logins -> check biometric data -> pass -> use encrypted credentials to log on
With SSO:
First log in (through web/SSO's requirements) -> issue a token -> use token for login, store token in mobile Keychain/Keystore
Subsequent logins -> if biometrics pass, use Keychain token to log in, possibly re-issue a token if nearing its end date validity
Store the Azure token in Secure Storage and use Touch ID / Face ID to unlock it and restore the session
Authenticate via Azure AD SSO -> get the Azure token.
Save token -> store it in Secure Storage on the device.
Enable biometrics -> use Touch ID / Face ID to unlock.
Restore session -> use the unlocked token to log in automatically.
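The flow the two replies above describe (token stored after SSO, biometric pass before reuse, re-issue near end of validity, fall back to full SSO when refresh fails), as an added example that is not code from this thread or from OutSystems. The `store`, `biometric` and `reissue` adapters are assumptions standing in for the secure-storage plugin, the Touch ID plugin and the Azure token endpoint; in-memory fakes are included so it runs offline.

```javascript
// Added example (not from the thread or OutSystems): biometric-gated reuse
// of an Azure AD token kept in the device Keychain/Keystore.
// `store`, `biometric` and `reissue` are assumed adapters; real plugin calls
// are asynchronous, the fakes below are synchronous to keep the demo short.
const REFRESH_MARGIN_SEC = 300; // re-issue when under 5 minutes remain

function b64url(s) { // base64url helpers used to build and read the JWT
  const b = typeof btoa === 'function' ? btoa(s) : Buffer.from(s, 'binary').toString('base64');
  return b.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}
function b64urlDecode(s) {
  const b = s.replace(/-/g, '+').replace(/_/g, '/');
  return typeof atob === 'function' ? atob(b) : Buffer.from(b, 'base64').toString('binary');
}

// Read the `exp` claim only to schedule a refresh. The client never treats an
// unverified JWT as proof of anything; the API still validates the signature.
function tokenExpiry(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a JWT');
  return JSON.parse(b64urlDecode(parts[1])).exp;
}

// First login: the token obtained through the SSO browser flow goes into
// secure storage; no username or password is ever kept by the app.
function storeAfterSso(store, jwt) { store.set('azure_token', jwt); }

// Subsequent launches: biometric pass -> reuse stored token -> refresh it if
// expired or about to expire -> clear it and require full SSO if refresh fails.
function restoreSession({ store, biometric, reissue, now }) {
  // Biometrics only prove user presence on this device; Azure AD still owns identity.
  if (!biometric.verify()) return { ok: false, reason: 'biometric-failed' };
  const token = store.get('azure_token');
  if (!token) return { ok: false, reason: 'no-token' };
  if (tokenExpiry(token) - now >= REFRESH_MARGIN_SEC) return { ok: true, token, refreshed: false };
  const fresh = reissue(token);
  if (!fresh) { store.delete('azure_token'); return { ok: false, reason: 'refresh-failed' }; }
  store.set('azure_token', fresh);
  return { ok: true, token: fresh, refreshed: true };
}

// Constructed sample JWT (unsigned, demo only) and an in-memory secure store fake.
function fakeJwt(exp) {
  return `${b64url(JSON.stringify({ alg: 'none' }))}.${b64url(JSON.stringify({ sub: 'user', exp }))}.sig`;
}
function memoryStore() {
  const m = new Map();
  return { get: k => m.get(k) || null, set: (k, v) => m.set(k, v), delete: k => m.delete(k) };
}
```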
Hi @Eduardo Ferreira
Biometrics are used for local user presence verification and Azure AD for identity verification.
Biometrics do not authenticate the user to Azure. They authenticate the user to the device, so the app can safely reuse an existing session/token.
The recommended architecture that can be followed in this case:
In this case, no password ever touches your app.
Hope this helps.