Thanks, that helps. I would prefer to work with the client's existing infrastructure if possible. One of the examples, from http://blogs.developerforce.com/developer-relations/2010/11/ws-trust-and-saml-and-oauth-oh-my.html, seems relevant:
1. Mobile app accepts the username and password, and submits them to PingFederate in a WS-Trust request. 2. PingFederate validates the user credentials, creates a SAML assertion and submits that to Salesforce.com in an OAuth 2.0 request. 3. Salesforce.com validates the SAML assertion and responds to PingFederate with an OAuth access token. 4. PingFederate in turn replies to the Android app with a WS-Trust response containing the access token. 5. The Android app uses the access token to invoke the Salesforce.com REST API. although something like http://leandrob.com/2012/02/request-a-token-from-adfs-using-ws-trust-from-ios-objective-c-iphone-ipad-android-java-node-js-or-any-platform-or-language/ might be sufficient. -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
