in the form of claims. Read on to learn more about adding federated authentication in your app. Best practices of apps and user authenticationHow to setup your user authentication in apps is well documented. The Internet Engineering Task Force (IETF) has published a list of recommended best practices for security and user experience around use of these specifications in native apps. Read the Ping Identity blog if you want to know more about this. The Carnegy Mellon CERT also published a blog about good app authentication. How adding federated authentication improves securityOffering your customers federated authentication the right way means end-users visually only hand off their password to their home organizations, and see their familiar organization login page. Opposed to this are app-developers offering their own in app login page: by doing that, users get more vulnerable to phishing attacks, since they get used to inputting their passwords in all kinds of apps. App-developers offering ‘the right’ way of federated authentication can use this in their sales pitch to new customers! Ways of adding federated authentication in your appYou have a couple of options to do great authentication in your app |