Why is OpenID Connect considered mobile friendly compared to SAML

I've read in multiple places that OpenID Connect is mobile friendly and SAML is not really designed for mobile. I'm new to both of these protocols but what I understood is that the mobile apps need to launch a browser equivalent (WebView) in order to handle the authentication at IDP and also to handle the redirects involved with SAML flow. Can this be avoided with OIDC?

I'm not interested in how social logins with Google etc work but scenarios where enterprises federate via OIDC. Is it even a fair statement to say that companies federate using OIDC instead of SAML?


SAML is browser based and crytographically heavy.

OIDC is REST based - no needs for a browser.

Enterprises that use what Microsoft calls "modern authentication" (i.e. OIDC) don't use SAML.

e.g. the default connection to an Azure AD site or O365 is OIDC.


  • What is the point of configuring DefaultScheme and DefaultChallegeScheme on ASP.NET?
  • How can I find all permutations of a string without using recursion?
  • How to protect Web API called by IdentityServer4
  • How to convert currency into double in VBA?
  • unsupported response type in oauth [duplicate]
  • Interrupting a thread in Java
  • Okta SignIn Widget with SAML
  • Is a NULL pointer's dereference also equals NULL?
  • IdentityServer3 - redirect to ADFS if client is on intranet
  • WebView: webpage not available but I load it from an html string
  • Phonegap Android App, open links within app?
  • input type=“file” accept=“image/*” doesn't work in phone gap?
  • Using Login with Paypal and using OpenID with AWS Cognito
  • Class implementation in a header file == bad style? [duplicate]
  • setContentView() is not enough to switch between layouts?
  • how to read a file in prolog?
  • Converter from SAT to 3-SAT
  • Excel VBA How to populate a multi-dimensional (3d) array with values from multiple excel ranges?
  • Streaming screenshots over WebRTC as a video stream from iOS
  • Runtime.exec() gives Error: Could not find or load main class
  • How can I restyle a word when rendering a pdf with pdf.js?
  • what makes a request a new request in asp.net C#
  • quiver not drawing arrows just lots of blue, matlab
  • Authentication in Play! and RestEasy
  • System.InvalidCastException: Specified cast is not valid
  • MonoTouch: How to download pdf incrementally as indicated in the Apple slides “Building Newsstand Ap
  • Abort upload large uploads after reading headers
  • Django rest serializer Breaks when data exists
  • Breeze - Deleted Items nav properties bug
  • Read a local file using javascript
  • How to rebase a series of branches?
  • Azure Cloud Service Web Role web pages do not load
  • javaw.exe and eclipse startup problems
  • Apache 2.4 and php-fpm does not trigger apache http basic auth for php pages
  • How to recover from a Spring Social ExpiredAuthorizationException
  • SSO with signing and signature validation doesn't work
  • what is the difference between the asp.net mvc application and asp.net web application
  • Rails 2: use form_for to build a form covering multiple objects of the same class
  • How to CLICK on IE download dialog box i.e.(Open, Save, Save As…)
  • need help with bizarre java.net.HttpURLConnection behavior