Steps to reproduce:

Mobile App

• Log into JIRA Mobile app
• Do a Basic Auth request from your desktop
• Go back to JIRA Mobile app

Expected: You are still logged in to JIRA Mobile app
Actual: You are logged out (the SSO token is invalid)

Note that the mobile app only stores the studio.crowd.tokenkey SSO token.

Web App

• Log into JIRA Web app
• Do a Basic Auth request
• Go back to JIRA Web app 10 mins later

Expected: You are still logged in to JIRA Web app
Actual: You are logged out (the SSO token is invalid)

Note that the JIRA Web app also uses a JIRA-specific JSESSIONID token and IIUC does some caching of the validity of the SSO token.