PASSPORTING CREDENTIALS BETWEEN A MOBILE APP AND A WEB BROWSER

摘要

Systems and methods for passporting credentials provide a mechanism by which a native app on a client device can invoke a service provider's core web site web addresses (URL) while keeping the existing session active and shared between the two experiences (native app and web flow) so that the end user does not need to re-login at each context switch. The mechanism can include a unique way for the web flow context to communicate conditions and pass control back to the native app context of the shared session. Embodiments may operate by authenticating a device session from a native app executing on a client device producing a device session token; passing the device session token from a native app to an embedded browser to authenticate a user when entering a web flow; and entering the web flow, according to the session token, on an embedded browser driven by the native app so that the user encounters a single shared session (device session and web session) running at least two parallel secure communication interactions with an infrastructure.