Android Question company employee authentication?

Discussion in 'Android Questions' started by MarkusR, Mar 26, 2018.

  1. MarkusR

    MarkusR Well-Known Member Licensed User

    what is the best practice to authenticate only user in a app that belongs the company?

    i considered that the user should authentication via his company account mail & password as ms office 365.
    or maybe via active directory and web api?

    any suggestions?
     
  2. techknight

    techknight Well-Known Member Licensed User

    You would almost need a library/plugin for that. Otherwise you would need your own back-end database that your app connects to and uses to verify the user, and its authenticity and access rights.

    I know with Google to use the google account in your app, you have to add and authorize your app to google and get the unique keys to allow your app to access google.

    For a google example, take a look here: https://www.b4x.com/android/forum/threads/firebaseauth-authenticate-your-users.67875/

    Its probably something similar with microsoft.
     
    MarkusR likes this.
  3. MarkusR

    MarkusR Well-Known Member Licensed User

    thanks techknight. the company users did not have a google account. a own user database is possible but i like to have something that is managed by our admins.
    i found a documentation from ms here, it looks promising, i will try.
    https://docs.microsoft.com/en-gb/as...ion/social/microsoft-logins?tabs=aspnetcore2x
    .. omg ms provide so much possibilities

    i think i will focus on this android lib
    Microsoft Authentication Library (MSAL)
    Package com.microsoft.identity.client
    i believe the source is here
    https://github.com/AzureAD/microsoft-authentication-library-for-android
     
    Last edited: Mar 27, 2018
  4. DonManfred

    DonManfred Expert Licensed User

    I my apps i use the device-id.
    On appstart our server (php-script) is called with the deviceid.
    Based on an entry in our database for this deviceid he get results to the call. Not if the device is unknown. i then return a result which let the app block any further use.
     
  5. MarkusR

    MarkusR Well-Known Member Licensed User

    the idea is good but the staff here did not have at all a companies smart phone (unfortunately). they have only ip phones in office.
    but most of them have a private smart phone, there i care protection of privacy, and i am unsure if they will install this tool, its optional.
    me considered to provide here a "public" tablet pc for data collection in case of need central in corridor, so everybody have access to this app and its there 24/7.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice