Centralized login
With this option, you reuse the AM UI or your own web application for login requests in multiple apps and sites.
When a user attempts to log in to your application or site, they are redirected to a central login UI. After the user authenticates, they are redirected back to your application or site.
Changes to authentication journeys in your AM service are available to all apps that use the central login UI. Your app or site does not need to access user credentials.
Use cases
-
If you require a consistent UI and user experience (UX) in all your apps and sites, using centralized login may be the best option.
-
Simple branding and control over UX is sufficient.
-
Your mobile apps use browser-based single sign-on.
For instructions on enabling centralized login, refer to Use centralized login.
Security considerations
-
Using centralized login in apps built by a third party is safer than using embedded login. Third parties cannot access user credentials.
-
User credentials are authenticated in one domain/origin and not sent elsewhere for authentication.
-
Your apps and sites can use browser-based single sign-on.