Onegini iOS SDK
The complete mobile security platform consists of multiple nodes. The SDK provides the communication with the nodes required for common use cases.
Actual implementation of the app installed on a mobile device using the SDK.
The Onegini Token server is responsible for providing OAuth tokens and mobile authentication functionality.
APNS - Apple Push Notification Service
APNS is used by the token server to send push notifications to the app instances. This service is provided by Apple and publicly available via a free subscription.
The website that triggers mobile authentication towards the token server, generally the regular company website. The portal is responsible for identifying the user and providing the correct user id to the token server.
IDP - Identity Provider
Provides the identity of the user. Generally this is a separate system; however, the portal can also take on this role.
A gateway to secure protected resources. The SDK communicates with the resource gateway to receive secured resources by using access tokens.
In the OAuth 2.0 protocol the user should never provide their credentials directly to the OAuth 2.0 client (the SDK), but only at the IDP. To achieve this, the SDK redirects the user to the browser, which can be the native device browser or an embedded in-app browser. Once the user has completed authentication, the user is redirected back to the SDK.
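The redirect round trip described above, as an added Swift example that is not Onegini SDK code: it builds the authorization request opened in the browser and validates the redirect back before accepting the authorization code. The endpoint, client id, custom URL scheme and all function names are hypothetical, and the `state` parameter is the standard OAuth 2.0 one.

```swift
import Foundation

// Hypothetical values for illustration; none of these come from the Onegini SDK.
let authorizeEndpoint = URL(string: "https://idp.example.com/oauth/authorize")!
let clientId = "example-client-id"
let redirectURI = "exampleapp://oauth/callback"

enum CallbackError: Error { case wrongRedirect, stateMismatch, idpError(String), missingCode }
/// Random, URL-safe state value that binds the callback to this request.
func makeState() -> String {
    let bytes = (0..<32).map { _ in UInt8.random(in: 0...255) }
    return Data(bytes).base64EncodedString()
        .replacingOccurrences(of: "+", with: "-")
        .replacingOccurrences(of: "/", with: "_")
        .replacingOccurrences(of: "=", with: "")
}

/// URL the app opens in the browser; the user enters credentials only at the IDP.
func authorizationURL(state: String) -> URL {
    var c = URLComponents(url: authorizeEndpoint, resolvingAgainstBaseURL: false)!
    c.queryItems = [
        URLQueryItem(name: "response_type", value: "code"),
        URLQueryItem(name: "client_id", value: clientId),
        URLQueryItem(name: "redirect_uri", value: redirectURI),
        URLQueryItem(name: "state", value: state),
    ]
    return c.url!
}

/// Validates the redirect back into the app and returns the authorization code.
func authorizationCode(from callback: URL, expectedState: String) throws -> String {
    let expected = URLComponents(string: redirectURI)!
    guard let got = URLComponents(url: callback, resolvingAgainstBaseURL: false),
          got.scheme == expected.scheme, got.host == expected.host, got.path == expected.path
    else { throw CallbackError.wrongRedirect }
    let params = Dictionary((got.queryItems ?? []).map { ($0.name, $0.value ?? "") },
                            uniquingKeysWith: { first, _ in first })
    guard params["state"] == expectedState else { throw CallbackError.stateMismatch }
    if let error = params["error"] { throw CallbackError.idpError(error) }
    guard let code = params["code"], !code.isEmpty else { throw CallbackError.missingCode }
    return code
}

// Constructed round trip: the callback URL below stands in for the browser redirect.
let state = makeState()
print(authorizationURL(state: state))
let callback = URL(string: "\(redirectURI)?code=constructed-code&state=\(state)")!
let code = try authorizationCode(from: callback, expectedState: state)
print(code)
```

A callback that arrives with a different `state`, or on a URL other than the registered redirect, is rejected before the code is used.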