• Workcloud Communication PTT Pro for Android Configuration Guide
Enable Single Sign On (SSO)
Enable Single Sign On (SSO)

Enable Single Sign On (SSO)

When
PTT Pro for Android
 is configured to use OAuth authentication, an administrator can configure the OAuth sign-in process to authenticate additional apps.
Requires PTT Pro 3.3.10235 or later.
PTT Pro for Android
 users authenticate through a web page provided by the PTT app, referred to as Android WebView. The
use_webview
 parameter enables the use of a Chrome custom tab for OAuth authentication.
When a user authenticates through the Chrome custom tab:
  • If another app has authenticated to the same oAuth URL, 
    PTT Pro for Android
     does not prompt for credentials and opens to the default view.
  • If another app has not been authenticated, the OAuth content displays in the custom tab, and the PTT user has to provide the credentials. After the user logs in,
    PTT Pro for Android
     opens to the default view.
This parameter requires that OAuth is configured for
PTT Pro for Android
. Refer to OAuth Configuration  for more information.
use_webview Parameters
Parameter
Description
Type
Default Value
Configurable Values
use_webview
Controls whether the OAuth login displays in the WebView or the Chrome custom tab.
Set this parameter to false to enable the custom tab.
Boolean
true
true or false
custom_tab_logout_api
The administrator must specify the logout URL so that the user can logout from the custom tab.
Sting
N/A
N/A
JSON Example
The following code snippet for
WFCPTTProDefault.json
 provides an example for enabling single sign-on. You need to provide values for
client_id
,
client_secret
, and
custom_tab_log_api
.
{
    "custom_tab_logout_api": "http://auth-server/auth/realms/{realm-name}/protocol/openid-connect/logout",
    "oAuthClientID": "client_id",
    "oAuthClientSecret": "client_secret",
    "use_webview": false
}
When enabled, the client displays the following behavior:
  • If a user logs in to a second device without logging out of the first device, then the first device may not operate as expected.
  • The activation screen briefly displays before launching the WebView or custom tab.
  • If the user taps the close menu or backpress, the activation screen displays.
  • When a user signs out, the custom tab displays and the user needs to consent to log out. The user is signed out automatically, even if the user does not provide consent.