Hi,

We want to use delegated authentication so that mobile users can access Salesforce mobile apps without entering usernames and passwords. We're looking to use username and passwords (rather than username & token).

When using delegated auth for desktops, you can (for example) provide a link on an intranet page for users that will take the user to a page that passes the user's username and password to salesforce.com in a POST request. That user has a delegated auth enabled profile, so salesforce.com passes the credentials to a delegated authentication authority.

That part I'm clear on!

What I want to know is - how does this work for mobile application users? If a user downloads Salesforce.com Mobile they need to identify to the application what their username and password is. But if a user is SSO enabled, this will mean nothing to them.

So how does a user identify who they are? Is this method reliant on users entering their email address as their username (and therefore it is implicit that their username will be the same as their email address) and their network password as their salesforce.com password? Or does the mobile need to be routed through a proxy that will pick up the attempt to visit the login page and construct the necessary POST request instead?

Any input appreciated, especially from anyone with experience of doing this!