3 Replies Latest reply on May 22, 2014 8:58 AM by mikebeargie

    Go 13 and Single Sign On (SSO)


      I know that iOS 7 supports Single Sign On, and I can see where to configure it in Apple's Profile Manager.


      But can anyone answer whether Filemaker Go 13 supports Single Sign On in iOS 7? I'll stop trying to get it to work if someone can tell me it doesn't work in the current version of Go.


      If it's supposed to work, I would greatly appreciate some documentation. I've tried lots of different permutations of the SSO settings in Profile Manager, and nothing has worked so far.





        • 1. Re: Go 13 and Single Sign On (SSO)

          No, even though iOS7 introduced SSO, FileMaker still has not added it to the Go product (but that's a great feature request!).


          You can get around this (sort of) if you store the users in a table with their iOS device's Get(PersistentID), then roll your own authentication. However this is less secure, and really isn't SSO, just a bypass to the file's login process.


          iOS7 is still new enough that I would not anticipate it to be built into FMGo yet, but it could very well be supported in the future.





          Note FileMaker Go cannot access FileMaker Server hosts available through LDAP, or view and use SSL certificates from LDAP hosts.

          • 2. Re: Go 13 and Single Sign On (SSO)

            Thanks, Mike.


            We use AD Authentication to identify users and send them to the right places and give them a personalized view, more than for security, per-se. It also allows us to keep the number of passwords people need to remember to a bare minimum.  So for us, SSO would simply give us a better user experience.  For now, we'll just keep using the "fmreauthenticatexx" Extended Privilege keyword so that at least users only have to log into each database once per day.  I'm sure there are a million different ways to roll the login process!


            I will definitely look into filing a feature request, and it's on my list for our support time at DevCon, as well!


            Thanks again.



            • 3. Re: Go 13 and Single Sign On (SSO)

              As noted, you could theoretically roll your own. If you stored your usernames, passwords and persistent Ids in a table in FM, you could use the “Re-Login” script step to automatically log in a FMGo device via an OnOpen script.


              This is insecure though, since it requires you to know the user passwords, and also it’s stored as plain text. But if it meets your need, it is an option.