Hello!
We are developing a customized version of SugarCRM mobile and we would like to be able to force users to use this app, not the one Sugar provides us.
Is this possible?
thanks!!
Hello!
We are developing a customized version of SugarCRM mobile and we would like to be able to force users to use this app, not the one Sugar provides us.
Is this possible?
thanks!!
Perhaps you can update in app.json the attribute jsConfig.clientID to some value other than "sugar".
In the Sugar server side you can create a custom version of SugarOAuth2StorageMobile (custom/include/SugarOAuth2/SugarOAuth2StorageMobile) and override the method checkUserCredentials in order to evaluate if provided $client_id is "sugar", so you can refuse access.
Regards
Thanks for the solution André!
I have got this to work for a customer who is using a custom mobile app (when using username/password) but we are running into issues when the users log in via Single Sign On as the clientId seems to be hardcoded somewhere to "sugar" in the SSO scenario.
Thanks for the solution André!
I have got this to work for a customer who is using a custom mobile app (when using username/password) but we are running into issues when the users log in via Single Sign On as the clientId seems to be hardcoded somewhere to "sugar" in the SSO scenario.
I believe that in this scenario (SSO) the client_id is defined by the Identity Provider thanks to configured metadata.
Having that said I would suggest to extends the class SugarOAuth2Storage located at include/SugarOAuth2 in order to override the given client_id based on arguments $uri and $inputData in the method checkGrantExtension.
We had done something similar for implementing SAML authentication on Self Service Portal.