This document discusses reconciling user experience and security in mobile applications. It explores techniques for user authentication on mobile that can disrupt user experience if not implemented properly. It proposes balancing authentication complexity and frequency to improve user experience without compromising security. The document also examines using biometrics, risk-based authentication, and single sign-on across mobile apps and third-party apps to improve both security and user experience on mobile. It describes components of a solution including API routing, brokering, and protected endpoints to enable secure access to APIs from mobile applications.