So one of my customer request us to create mobile app. They prepare the API and this application just get and post all the data from/to their API.
One of my concern is, they want to using their Phone Number API to logging in into the application and not using outsystems users.
What is the consequences when the conditions like this?Will there be any security or performance issues?Or maybe anything else?
Just for information, we are using ODC to develop this Mobile App.
Hi Richie Yohanes ,
According to my understanding, you wanted to integrate a third-party API to validate your user on login, and the OS permits us to do so, it has no effect at all. Only you need to place a condition to check new and existing users.
However, you must take care of user creation the first time a user logs in. For example, if your user is new and attempting to login into your mobile app, you must create a user in the user entity upon successful validation from your API, but the next time the same user tries to login, you must use the existing user entity record.
Thanks,
Narendra
Hi Narendra Maheshwari,
Thank you for your reply, maybe we will explore more further about this. Because we don't want mistakes to happen, because this will impact the performance of our company and the outsystems themselves.
Thank you,
Richie
I appreciate your concern. It is similar in that SSO/AD login should not be a problem. In terms of security, after validating the API user, you will use the OutSystems login method, which is similar to the username and password login method.