This document discusses extending single sign-on (SSO) capabilities to mobile clients. It proposes using OAuth and OpenID Connect to implement cross-application SSO on mobile devices while distinguishing between the device, user, and individual apps. A key challenge is the isolation of apps and data on mobile operating systems, which this solution aims to address through a native SDK and centralized management of tokens. The overall architecture features device registration, requesting access tokens via JSON Web Tokens to enable SSO, and administration of tokens.