ServiceNow, Inc.
Session management for mobile devices

Abstract:

A computing system includes a web browser and a native application configured to, at a first time, receive first instructions to log out of a first session authorized by way of an authorization server. Based on the first instructions, the native application removes a first access token that was provided to the native application by the authorization server and is related to authorization of the first session. At a second time later than the first time, the native application receives second instructions to authorize a second session and, based thereon, generates third instructions configured to cause the authorization server to terminate active sessions between the authorization server and the web browser prior to initiating a log-in procedure with the web browser for the second session. The third instructions are provided to the authorization server, which provides an authorization code exchangeable for a second access token related to the second session.