This document discusses why APIs must be part of a mobile strategy and provides 5 reasons: 1) Firewalls make accessing APIs difficult due to changing clients and back-end systems, 2) Authentication, authorization, and single sign-on are important for mobile access but challenging, 3) Local app single sign-on is desirable without the negatives of a VPN, 4) Mobile OS isolation silos data and prevents sharing credentials, 5) Users need a way to logout if their device is lost or stolen. It then describes a solution of a native single sign-on SDK for mobile developers to address these problems using OAuth, OpenID Connect, and managing users, apps, and devices securely.