Pretty sure what you want is this:https://apereo.github.io/cas/5.2.x/protocol/REST-Protocol.html
As for safety, since this REST implementation is included as an official features, the safety risk shouldn't be that high, your mileage may vary. Moreover, you can always check the source code yourself to see to logic, if you have any doubt. I've look at it before and I think code is fine. If you can modified the mobile application, then you might even consider opt for OAuth 2.0 or something else, if you really don't trust REST. Hope this helps you -Andy On Saturday, 2 December 2017 18:26:23 UTC+8, Hussein Emam wrote: > > I have a* REST* service that is called from a *mobile application*, Is > it possible to authenticate the service against *CAS* ? is it *safe* to > do this ? > Thanks > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e954622b-c9b8-49f9-b307-bc952fd7640f%40apereo.org.