Symptom
-
"Authorize Client" page is still popped up when logging on SAC Mobile App by using Face ID or Touch ID
- Sometime asking customer to relogon after clicking Authorize button
Environment
-
SAP Analytics Cloud 2019.2.7
Reproducing the Issue
-
Logon SAC Mobile App by using Face ID or Touch ID.
- Normally "Authorize Client" will not be popped up anymore, however sometime it will be popped up.
- And sometime logon page will be displayed again after clicking Authorize button.
Cause
This behavior is by design.
Resolution
It is working as designed. There are two OAuth tokens being involved here:
•Access token (expires in 30 minutes)
•Refresh token (expires in 7 days)
Provided that the user logged in before, if the user does not logged into the iOS app within 30 minutes, the Access token will expire.
However, we will try to use the Refresh token to get net sets of tokens (both access and refresh). If this is successful, we will now have a new Access token that we use to login to iOS.
In this workflow, the user will not notice anything. (Both tokens will have renewed 30-minute and 7-day expiration limits.)
However, if the user app idle for 7 days, or for whatever reason the tokens are revoked in the OAuth server (which their administrators can do), we will need to ask the user do a full fledge login, and go through the "Authorize" page and get new sets of tokens.
Prior to the OAuth dialog (Authorize page) showing up, whether the user asked to provide credentials or not is up to their SAML Identity Provider setup.
See Also
- How to find User Assistance for SAP Analytics Cloud?
- Ask a question on the SAP Community!
- 2487011 - What information do I need to provide when opening incidents with SAP Analytics Cloud (Hint: Use component LOD-ANA*)
Your feedback is important to help us improve our knowledge base.
Please rate how useful you found this article by using the star rating feature at the beginning of this article.
Thank you.
Keywords
Mobile App, authorize, pop up, relogon, SAC, Cloud for Analytics, Cloud4Analytics, CloudforAnalytics, Cloud 4 Planning, BOC, SAPBusinessObjectsCloud, BusinessObjectsCloud, BOBJcloud, BOCloud., SAC, SAP AC, Cloud-Analytics, CloudAnalytics, SAPCloudAnalytics
It is working as designed. There are two OAuth tokens being involved here:
•Access token (expires in 30 minutes)
•Refresh token (expires in 7 days)
Provided that the user * logged in before, if the user * not logged into the * iOS app within 30 minutes, the Access token (which is the token the user * to login to * will expire. However, we will try to use the Refresh token to get net sets of tokens (both access and refresh). If this is successful, we will now have a new Access token that we use to login to * iOS. In this workflow, the user * not notice anything. (Both tokens will have renewed 30-minute and 7-day expiration limits.)
If, however, the user * app idle for 7 days, or forwhatever reason the tokens are revoked in the OAuth server (which their administrators can do), we will need to ask the user * do a full fledge login, and go through the "Authorize" page and get new sets of tokens. Prior to the OAuth dialog (Authorize page) showing up, whether the user * asked to provide credentials or not is up to their SAML Identity Provider setup. , KBA , LOD-ANA-MOB-IOS , SAC Mobile IOS specific , Problem