Feide login to mobile apps

 

To enable Feide login in a mobile application (app), the app should use a web page to handle the authentication dialogue with the Feide login service.

The user experience is shown step by step in the illustration below:

[Illustration: three screenshots, labelled Step 1, Step 2 and Step 3]

Step 1: The user opens the app, and presses the "Login" button.

Step 2: A browser window is opened and the user is immediately redirected to the Feide login page, where the user enters username and password.

Step 3: After a successful login, the user is sent back to the app, now as an authenticated user.

 

This illustration shows the solution from a technical point of view:

The login flow between the app, the web page of the service provider and the Feide IdP is:

  1. The user presses the login button in the app

  2. The app opens a web page hosted on the service provider's domain in the web browser (e.g. https://www.someapp.no/login_app)

  3. The web page creates a SAML 2.0 authentication request and sends it to the Feide IdP

  4. The user logs in on the Feide IdP

  5. The Feide IdP sends a SAML 2.0 authentication response back to the web page

  6. The SP processes the authentication response, and then returns the user to the app. When returning the user to the app, a token identifying the user is included.

  7. The app uses the token to validate the user against the SP web service
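
Steps 6 and 7 on the SP side, as an added example that is not part of the original page or Feide's own code: the SP issues a random, short-lived, single-use token after the SAML response has been processed, and its web service redeems that token when the app presents it. The `someapp://login` return URL, the 60-second lifetime, the in-memory store and all class and function names are assumptions; the page does not specify the token format or how the user is returned to the app.

```python
import hashlib
import secrets
import time
from urllib.parse import urlencode

TOKEN_TTL_SECONDS = 60              # assumption: handoff token lives one minute
APP_RETURN_URL = "someapp://login"  # assumption: hypothetical app URL scheme


class HandoffTokenStore:
    """SP-side store for the token handed to the app in step 6."""

    def __init__(self, clock=time.time):
        self._clock = clock
        # Only a hash of each token is kept, so a leaked store holds no usable tokens.
        self._pending = {}  # sha256(token) -> (user_id, expires_at)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, user_id):
        """Step 6: call only after the SAML response has been validated."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        expires_at = self._clock() + TOKEN_TTL_SECONDS
        self._pending[self._digest(token)] = (user_id, expires_at)
        return token

    def return_url(self, user_id):
        """Redirect target that sends the user back to the app with the token."""
        return APP_RETURN_URL + "?" + urlencode({"token": self.issue(user_id)})

    def redeem(self, token):
        """Step 7: the app presents the token; returns the user id or None."""
        # pop() makes the token single use: a replayed token finds nothing.
        entry = self._pending.pop(self._digest(token), None)
        if entry is None:
            return None
        user_id, expires_at = entry
        if self._clock() > expires_at:
            return None  # expired before the app redeemed it
        return user_id


if __name__ == "__main__":
    store = HandoffTokenStore()
    url = store.return_url("ola@example.no")  # constructed sample user id
    token = url.split("token=", 1)[1]
    print(url)
    print(store.redeem(token), store.redeem(token))
```

The token travels in a URL through the browser and the operating system's URL handling, which is why it is kept short-lived and single use here; the app would exchange it over HTTPS for its actual session with the SP web service.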