Determining Pivotal Single Sign‑On App Type
This topic explains how to determine your Pivotal Single Sign‑On app type.
Before you bind or register an app, you must determine its Pivotal Single Sign‑On app type and the corresponding OAuth grant type. OAuth grant types determine how the app communicates with Pivotal Single Sign‑On to acquire tokens for authentication and authorization purposes.
See the table below to determine your app’s Pivotal Single Sign‑On app type and OAuth Grant Type:
|App Type||Pivotal Single Sign‑On App Type||OAuth Grant Type|
|Native Mobile, Desktop, or Command Line||Native App||
|Web + Service-to-Service||Web + Service-to-Service App||
|Resource Server||Secured API, Database Server||n/a|
The Pivotal Single Sign‑On Service Sample Applications GitHub repository provides examples for a few of the Pivotal Single Sign‑On app types listed above.
Note Pivotal recommends only using the Native app type for highly-trusted apps, such as company-owned and managed apps. The Native app type only works with back-channel protocols, such as internal UAA store or LDAP. It does not work with front-channel protocols, such as SAML.