How to use SSO for PWA?
Is it possible to use SSO for PWAs for standalone display?
I can login to my app through email but if I try twitter/fb/google SSO, it opens to a new browser since they are out of the scope. This makes it pretty useless...
Is the only solution to just wrap the app?
single-sign-on manifest.json
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
add a comment |
Is it possible to use SSO for PWAs for standalone display?
I can login to my app through email but if I try twitter/fb/google SSO, it opens to a new browser since they are out of the scope. This makes it pretty useless...
Is the only solution to just wrap the app?
single-sign-on manifest.json
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
add a comment |
Is it possible to use SSO for PWAs for standalone display?
I can login to my app through email but if I try twitter/fb/google SSO, it opens to a new browser since they are out of the scope. This makes it pretty useless...
Is the only solution to just wrap the app?
single-sign-on manifest.json
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
Is it possible to use SSO for PWAs for standalone display?
I can login to my app through email but if I try twitter/fb/google SSO, it opens to a new browser since they are out of the scope. This makes it pretty useless...
Is the only solution to just wrap the app?
single-sign-on manifest.json
single-sign-on manifest.json
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
asked May 25 '18 at 23:59
Robert GuiceRobert Guice
10919
10919
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
The short answer is, SSO-inside-an-installed-PWA is broken on Chrome for Desktop as of Chrome 70 (November 2018).
The good news is, the W3C web.manifest standard has changed, and will no longer require browsers to open out-of-scope navigation in a separate window. This will fix the case of installed PWAs with single-sign-on authentication. This will be fixed in Chrome 71 on the desktop (due December 2018), and is already fixed on Chrome for Android.
Here's the update to the W3C web.manifest spec that details the change. In short, the spec says browsers must not block out-of-scope navigation inside an installed PWA. Instead, the spec encourages browsers to show some prominent UI (perhaps a bar at the top) notifying the user that the navigation is out-of-scope.
"Unlike previous versions of this specification, user agents are no
longer required or allowed to block off-scope navigations, or open
them in a new top-level browsing context. This practice broke a lot of
sites that navigate to a URL on another origin..."
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
add a comment |
protected by Community♦ Nov 22 '18 at 5:45
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The short answer is, SSO-inside-an-installed-PWA is broken on Chrome for Desktop as of Chrome 70 (November 2018).
The good news is, the W3C web.manifest standard has changed, and will no longer require browsers to open out-of-scope navigation in a separate window. This will fix the case of installed PWAs with single-sign-on authentication. This will be fixed in Chrome 71 on the desktop (due December 2018), and is already fixed on Chrome for Android.
Here's the update to the W3C web.manifest spec that details the change. In short, the spec says browsers must not block out-of-scope navigation inside an installed PWA. Instead, the spec encourages browsers to show some prominent UI (perhaps a bar at the top) notifying the user that the navigation is out-of-scope.
"Unlike previous versions of this specification, user agents are no
longer required or allowed to block off-scope navigations, or open
them in a new top-level browsing context. This practice broke a lot of
sites that navigate to a URL on another origin..."
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
add a comment |
The short answer is, SSO-inside-an-installed-PWA is broken on Chrome for Desktop as of Chrome 70 (November 2018).
The good news is, the W3C web.manifest standard has changed, and will no longer require browsers to open out-of-scope navigation in a separate window. This will fix the case of installed PWAs with single-sign-on authentication. This will be fixed in Chrome 71 on the desktop (due December 2018), and is already fixed on Chrome for Android.
Here's the update to the W3C web.manifest spec that details the change. In short, the spec says browsers must not block out-of-scope navigation inside an installed PWA. Instead, the spec encourages browsers to show some prominent UI (perhaps a bar at the top) notifying the user that the navigation is out-of-scope.
"Unlike previous versions of this specification, user agents are no
longer required or allowed to block off-scope navigations, or open
them in a new top-level browsing context. This practice broke a lot of
sites that navigate to a URL on another origin..."
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
add a comment |
The short answer is, SSO-inside-an-installed-PWA is broken on Chrome for Desktop as of Chrome 70 (November 2018).
The good news is, the W3C web.manifest standard has changed, and will no longer require browsers to open out-of-scope navigation in a separate window. This will fix the case of installed PWAs with single-sign-on authentication. This will be fixed in Chrome 71 on the desktop (due December 2018), and is already fixed on Chrome for Android.
Here's the update to the W3C web.manifest spec that details the change. In short, the spec says browsers must not block out-of-scope navigation inside an installed PWA. Instead, the spec encourages browsers to show some prominent UI (perhaps a bar at the top) notifying the user that the navigation is out-of-scope.
"Unlike previous versions of this specification, user agents are no
longer required or allowed to block off-scope navigations, or open
them in a new top-level browsing context. This practice broke a lot of
sites that navigate to a URL on another origin..."
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
The short answer is, SSO-inside-an-installed-PWA is broken on Chrome for Desktop as of Chrome 70 (November 2018).
The good news is, the W3C web.manifest standard has changed, and will no longer require browsers to open out-of-scope navigation in a separate window. This will fix the case of installed PWAs with single-sign-on authentication. This will be fixed in Chrome 71 on the desktop (due December 2018), and is already fixed on Chrome for Android.
Here's the update to the W3C web.manifest spec that details the change. In short, the spec says browsers must not block out-of-scope navigation inside an installed PWA. Instead, the spec encourages browsers to show some prominent UI (perhaps a bar at the top) notifying the user that the navigation is out-of-scope.
"Unlike previous versions of this specification, user agents are no
longer required or allowed to block off-scope navigations, or open
them in a new top-level browsing context. This practice broke a lot of
sites that navigate to a URL on another origin..."
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
edited Nov 7 '18 at 20:04
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
answered Nov 7 '18 at 19:38
Judah Gabriel HimangoJudah Gabriel Himango
42.8k32145199
42.8k32145199
add a comment |
add a comment |
protected by Community♦ Nov 22 '18 at 5:45
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
