Citrix Systems, Inc.
Single-sign-on for third party mobile applications

Abstract:

A mobile computing device is configured to allow a user to launch native SaaS applications from different vendors using a single-sign-on without having to modify or hook the native SaaS applications. A VPN application operates as man-in-the-middle (MITM) for identity provider requests from SaaS services. The VPN application is initially authenticated with the identity provider, and receives an IDP authentication token which is stored. The IDP authentication token is used for authentication requests from SaaS services.