Why must the SSO/IDM administrator add http://127.0.0.1:64000 to the redirect URIs? - c06593885
This Reply URL is used only during the PrintWhere & mobile app authentication workflows.
The loopback redirect (http://127.0.0.1:64000) is neither on the server side nor it is to an un-managed URL, the loopback redirect is strictly happening on the client side (in the case of the PrinterOn solution the mobile device acts as the client), more specifically it is used to transfer session information between the PrinterOn mobile application and the web session on the same mobile phone. Since the mobile phone does not have a Fully qualified Domain name (FQDN) the PrinterOn solution must use the loopback address on the mobile device.
During the OAuth login process the remote system needs to send information to the client (the PrinterOn mobile application). It does so by redirecting to the local loopback address. By using http://127.0.0.1 the local browser loads a 100% completely local and safe page, then transfers the information to the mobile app that is watching the browser and when it loads this redirect URL (the mobile application) can then pull the information it needs to continue authentication from the web browser.
Using this method to authenticate with OAuth is a standard practice within the industry and provides a very secure and safe authentication for the mobile user. Note:
Applies to PrinterOn Enterprise 4.x and later.