- From: Judah Gabriel Himango <notifications@github.com>
- Date: Thu, 01 Nov 2018 09:15:49 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 1 November 2018 16:16:11 UTC
Chiming in with a +1: the lack of multiple scopes is blocking our corporate PWAs from being installed. Our PWA uses single-sign-on (SSO) for authentication in our corporate network. In a normal web page, our web app redirects to the SSO domain, does the login, and sends us back a token. But as an _installed_ PWA, our app launches in its own window, but browsers like Chrome and mobile Safari spawn a new _separate_ browser window for our redirect to the SSO domain. And that separate browser doesn't send back the SSO token to our original PWA window. This busts the whole thing and prevents our app from working as an installed PWA. I see I'm not alone: [this study](https://docs.google.com/document/d/1fOsQWOOVuKyqO7cXZoKmxZGQ9FLgLMwmCRw3OEqIKrQ/mobilebasic) shows many of the top 20 websites require a different domain for login. Any of the proposed solutions here would work: scopes being an array, or having a "stay_in_app" setting that lets us specify which URLs to load inside the app. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/manifest/issues/449#issuecomment-435089728
Received on Thursday, 1 November 2018 16:16:11 UTC