Apple complains about using the external browser when logging in ("Guideline 4.0 - Design")

[SYThomasNordmeyer]

Hi, Apple denies publishing our iOS app in Apple Connect Store because app_auth uses the external browser for logging in. Is there a configuration we can use to comply to Apples requirements? (No issues with Android version in Google Play Store).

Here's the response Apple sent us during submission:

Guideline 4.0 - Design

We noticed that the user is taken to the default web browser to sign in or register for an account, which provides a poor user experience.

Next Steps

To resolve this issue, please revise your app to enable users to sign in or register for an account in the app.

You may also choose to implement the Safari View Controller API to display web content within your app. The Safari View Controller allows the display of a URL and inspection of the certificate from an embedded browser in an app so that customers can verify the webpage URL and SSL certificate to confirm they are entering their sign in credentials into a legitimate page.

Resources

• For additional information on the Safari View Controller API, please review the What's New in Safari webpage.
• Note that apps that support account creation must also offer account deletion, per App Store Review Guideline 5.1.1(v). Learn more about offering account deletion in your app. Please see attached screenshot for details.

[MaikuB]

There's something off with what is being mentioned here as using this plugin results in an embedded browser shown in the app. This can be confirmed via the example app. If you or the app store reviewer is seeing a separate browser as implied by the comments then you'll need to investigate further