Provide Mobile User Session
Sharing Through OAuth and SAML
Sascha Preibisch – Principal Software Architect – CA Technologies
DO3X50E
DEVOPS
5 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
For Informational Purposes Only
Terms of this Presentation
© 2016 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.
The content provided in this CA World 2016 presentation is intended for informational purposes only and does not form any type of
warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
Abstract
Users of mobile apps like to login to an app once and not get asked for credentials again. In the case of an enterprise that has integrations with third-party web applications it may be difficult to re-use the user session the native app is maintaining. In this workshop we will show how to leverage the CA Mobile API Gateway features to forward the user session using OAuth and SAML.
Speaker: Sascha Preibisch, Principal Software Architect, CA Technologies
Agenda
1. What Is The Scenario
2. What Are The Challenges
3. What Is CA Mobile API Gateway
4. Switching From Native App To Web Application
What Is The Scenario
Components that are involved
[Component diagram. Components: Native App and Browser (on the Device); API Gateway; Federated Token Server (SAML); IDP; Backend with its DB; Third-Party Web Application. Zone labels: Device, Internet, DMZ.]
What Are The Challenges
User session
[Same component diagram as the previous slide: the user session held by the Native App on the Device has to be shared with the Third-Party Web Application.]
What Is CA Mobile API Gateway
It is the component that connects it all
[Diagram: CA Mobile API Gateway at the centre, connecting the Device (Native App, Browser) across the Internet with the Federated Token Server (SAML), IDP, Backend with its DB, and the Third-Party Web Application. Zone labels: Device, Internet, DMZ.]
Switching From Native App To Web Application
From OAuth to SAML
[Flow diagram across Device, Internet and DMZ. Participants: Native App, Browser, CA Mobile API Gateway, Federated Token Server (SAML), Third-Party Web Application. Labelled steps, in order:
1. OAuth (the native app holds an OAuth session)
2. Switch Context
3. Validate OAuth session
4. Request SAML Token
5. WebSSO (the browser is logged in to the third-party web application)]
Recommended Sessions
SESSION # | TITLE | DATE/TIME
DO3T80S | Case Study: Centrica – How CA APIM is enabling Britain’s largest energy provider to know their customer before they open the door | 11/16/2016 at 03:00 pm
DO3T05S | Case Study: LG&E/KU - How Mobile Apps, APIs With Microservices and CA API Management are Helping to Shape the Company’s Future | 11/16/2016 at 03:45 pm
DO3T02S | Case Study: Adobe - Securing, managing and deploying enterprise mobile apps | 11/17/2016 at 01:00 pm
Questions?
Stay connected at communities.ca.com
Thank you.

Pre-Con Ed: How to Provide Mobile Users With a Convenient, Yet Secure, Session Sharing Experience Through OAuth and SAML


Editor's Notes

  • #9 The Third-Party Web Application is integrated using SAML federation. The Device runs native apps, which hold a user session. The API Gateway connects all components. IDP. The Backend could be a hotel reservation system which is connected to a DB.
  • #10 The native app has a user token and is associated with the session. The session needs to be shared with the third-party web application.
  • #11 CA Mobile API Gateway makes the connections between all components happen.
  • #12 Native app opens a web view ...
    1. ... and calls an API that takes a "target" and an access_token
    2. MAG validates the access token and issues a SAML token
    3. MAG returns an auto-POST form with the third-party app as its "action"
    4. User is logged in
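The "switch context" step from slide 11 and note #12, written out as an added example; this is not code from the deck, from CA Mobile API Gateway or from CA Technologies. It shows the gateway side of the flow: the access_token arriving from the web view is looked up and checked (expiry, scope), the "target" is resolved against an allow-list rather than taken as a URL, a short-lived SAML 2.0 bearer assertion is built with Recipient and Audience pinned to that one application, and the result is wrapped in the auto-POST form of the SAML HTTP-POST binding with every caller-supplied value HTML-escaped. The token store, the "hotel" target, the "sso" scope, the issuer URL and the pinned clock are constructed assumptions, and XML-DSig signing (done by the federated token server in the deck's architecture) is left out.

```python
"""Gateway-side OAuth-to-SAML context switch: access_token + target in, auto-POST form out.
Added example with constructed data; not the deck's or CA Mobile API Gateway's code."""
import base64
import datetime as dt
import html
import secrets
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
ET.register_namespace("saml", SAML_NS)
ET.register_namespace("samlp", SAMLP_NS)

# Constructed sample data; a real gateway reads these from its OAuth token store and
# its federation configuration. NOW is pinned so the example is reproducible.
NOW = dt.datetime(2016, 11, 16, 15, 0, 0, tzinfo=dt.timezone.utc)
ISSUER = "https://gateway.example.com/saml/idp"    # assumed issuer entity id
ASSERTION_LIFETIME = dt.timedelta(minutes=5)       # short: the form is posted at once

TOKEN_STORE = {  # access_token -> the user session it represents (constructed)
    "tok-alice":   {"sub": "alice", "exp": NOW + dt.timedelta(minutes=30), "scope": {"sso"}},
    "tok-expired": {"sub": "bob",   "exp": NOW - dt.timedelta(minutes=1),  "scope": {"sso"}},
    "tok-noscope": {"sub": "carol", "exp": NOW + dt.timedelta(minutes=30), "scope": {"read"}},
}
TARGETS = {  # allow-listed third-party apps: "target" id -> ACS URL and SAML audience
    "hotel": {"acs": "https://hotel.example.com/saml/acs",
              "audience": "https://hotel.example.com/sp"},
}


class SwitchError(Exception):
    """Raised with an OAuth-style error code when the context switch must be refused."""


def _ts(t):
    return t.strftime("%Y-%m-%dT%H:%M:%SZ")


def validate_access_token(token, now=NOW):
    """Look the access_token up, check expiry and scope; return the subject it belongs to."""
    entry = TOKEN_STORE.get(token)
    if entry is None:
        raise SwitchError("invalid_token")
    if entry["exp"] <= now:
        raise SwitchError("token_expired")
    if "sso" not in entry["scope"]:  # only tokens granted the sso scope may be swapped
        raise SwitchError("insufficient_scope")
    return entry["sub"]


def build_saml_response(subject, target, now=NOW):
    """Unsigned samlp:Response carrying one bearer assertion pinned to a single target."""
    acs, audience = target["acs"], target["audience"]
    not_after = _ts(now + ASSERTION_LIFETIME)
    s, p = (lambda t: f"{{{SAML_NS}}}{t}"), (lambda t: f"{{{SAMLP_NS}}}{t}")
    resp = ET.Element(p("Response"), {"ID": "_" + secrets.token_hex(16), "Version": "2.0",
                                      "IssueInstant": _ts(now), "Destination": acs})
    ET.SubElement(resp, s("Issuer")).text = ISSUER
    ET.SubElement(ET.SubElement(resp, p("Status")), p("StatusCode"),
                  {"Value": "urn:oasis:names:tc:SAML:2.0:status:Success"})
    a = ET.SubElement(resp, s("Assertion"), {"ID": "_" + secrets.token_hex(16),
                                             "Version": "2.0", "IssueInstant": _ts(now)})
    ET.SubElement(a, s("Issuer")).text = ISSUER
    subj = ET.SubElement(a, s("Subject"))
    ET.SubElement(subj, s("NameID"),
                  {"Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"}).text = subject
    conf = ET.SubElement(subj, s("SubjectConfirmation"),
                         {"Method": "urn:oasis:names:tc:SAML:2.0:cm:bearer"})
    # Recipient pins the bearer assertion to the one ACS URL it may be posted to.
    ET.SubElement(conf, s("SubjectConfirmationData"), {"Recipient": acs, "NotOnOrAfter": not_after})
    cond = ET.SubElement(a, s("Conditions"), {"NotBefore": _ts(now), "NotOnOrAfter": not_after})
    ET.SubElement(ET.SubElement(cond, s("AudienceRestriction")), s("Audience")).text = audience
    authn = ET.SubElement(a, s("AuthnStatement"), {"AuthnInstant": _ts(now)})
    ET.SubElement(ET.SubElement(authn, s("AuthnContext")), s("AuthnContextClassRef")).text = \
        "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified"
    # XML-DSig signing with the IdP key is done by the federated token server in the
    # deck's architecture and is omitted here; an SP must reject an unsigned response.
    return ET.tostring(resp, encoding="unicode")


def auto_post_form(acs, saml_response_xml, relay_state=""):
    """HTML the web view renders and submits at once (SAML 2.0 HTTP-POST binding)."""
    value = base64.b64encode(saml_response_xml.encode()).decode()
    relay = ""
    if relay_state:  # RelayState came from the caller: HTML-escape it before embedding
        relay = f'<input type="hidden" name="RelayState" value="{html.escape(relay_state, quote=True)}"/>'
    return ('<!DOCTYPE html><html><body onload="document.forms[0].submit()">'
            f'<form method="POST" action="{html.escape(acs, quote=True)}">'
            f'<input type="hidden" name="SAMLResponse" value="{value}"/>{relay}'
            '<noscript><input type="submit" value="Continue"/></noscript>'
            '</form></body></html>')


def switch_context(access_token, target_id, relay_state="", now=NOW):
    """The gateway API from note #12: access_token and "target" in, auto-POST form out."""
    # Resolve "target" against the allow-list first: accepting a caller-supplied URL
    # would let whoever holds the token steer the user's assertion to any site.
    target = TARGETS.get(target_id)
    if target is None:
        raise SwitchError("unknown_target")
    subject = validate_access_token(access_token, now)
    response = build_saml_response(subject, target, now)
    return {"acs": target["acs"], "saml_response": response,
            "html": auto_post_form(target["acs"], response, relay_state)}


if __name__ == "__main__":
    print(switch_context("tok-alice", "hotel", relay_state="/booking/42")["html"])
```

Two design choices carry the security of the step. First, "target" is an identifier resolved through TARGETS, never a URL from the request: the web view is the least trusted caller in the picture, and a gateway that posts the user's assertion to whatever action it is handed turns a valid access_token into a login to an attacker's site. Second, the assertion is deliberately narrow: a five-minute window, Recipient set to the single ACS URL and Audience set to the single SP, so even a leaked form cannot be replayed against another application or later. The access_token should additionally be bound to the device session the gateway already tracks for the native app; that check is left out here because the token store above is a constructed stand-in.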