SugarCRM Mobile. How can I prevent our users to access using Sugar version

Hello!

We are developing a customized version of SugarCRM mobile and we would like to be able to force users to use this app, not the one Sugar provides us.

Is this possible?

thanks!!

Parents
  • Perhaps you can update in app.json the attribute jsConfig.clientID to some value other than "sugar".

    In the Sugar server side you can create a custom version of SugarOAuth2StorageMobile (custom/include/SugarOAuth2/SugarOAuth2StorageMobile) and override the method checkUserCredentials in order to evaluate if provided $client_id is "sugar", so you can refuse access.

    Regards

    André Lopes
    Lampada Global
    Skype: andre.lampada
  • Thanks for the solution André!

    I have got this to work for a customer who is using a custom mobile app (when using username/password) but we are running into issues when the users log in via Single Sign On as the clientId seems to be hardcoded somewhere to "sugar" in the SSO scenario.

Reply
  • Thanks for the solution André!

    I have got this to work for a customer who is using a custom mobile app (when using username/password) but we are running into issues when the users log in via Single Sign On as the clientId seems to be hardcoded somewhere to "sugar" in the SSO scenario.

Children
  • I believe that in this scenario (SSO) the client_id is defined by the Identity Provider thanks to configured metadata.

    Having that said I would suggest to extends the class SugarOAuth2Storage located at include/SugarOAuth2 in order to override the given client_id based on arguments $uri and $inputData in the method checkGrantExtension.

    We had done something similar for implementing SAML authentication on Self Service Portal.

    André Lopes
    Lampada Global
    Skype: andre.lampada