iOS SSO between App and Safari when a user has just registered a new Account in the App

[chookhen60]

Describe the problem

We have a working Android/iOS App which can successfully SSO into the browser using B2C as our IdP. This works for the following scenarios:

• Android:
  • Logging into the App (and ticking the Keep Me Signed In checkbox), and then accessing a site from the default browser which uses the same IdP
  • Registering a new account in the App (no KMSI checkbox here), and then accessing a site from the default browser which uses the same IdP
• iOS:
  • Logging into the App (and ticking the Keep Me Signed In checkbox), and then accessing a site via Safari which uses the same IdP

What doesn't work:

• iOS:
  • Registering a new account in the App (no KMSI checkbox here), and then accessing a site from via Safari which uses the same IdP

We have tested this on a real device, as was found in my other issue here, the SSO does not work in the iOS simulator

It becomes a little unclear here how the register scenario actually works in Android, as it must be persisting a cookie even though there is no KMSI checkbox, and based on this theory, therefore iOS should do the same, however it is not. Maybe there are reasons for this I am not aware of?

I would have thought someone might have come across this issue previously, but I couldn't find any references to this being an issue in the past.

Let me know if any further information is needed.

What was the expected behavior?

iOS should also works for SSO to Safari when a user registers a new account in the App, not only when they login to the App and tick the KMSI checkbox

Reproduction

• Register a new account in a Mobile App on iOS which is configured to support SSO through a persistent Cookie
• Once logged in, using Safari, go to a website which uses the same IdP and attempt to login - it should perform SSO, but is instead asking the user to log in

[poovamraj]

Hi @chookhen60, thanks for the detailed report. @Widcket will take a look at this

[Widcket]

Hi @chookhen60, thanks for raising this. Could you please share a video of the issue?

[chookhen60]

Hi @Widcket, we are just doing up a video now showing the issue and will get it to you as soon as it's ready

[chookhen60]

Hi @Widcket apologies for the delay in getting this video to you.

Please see here for a video demonstrating the issue: https://drive.google.com/file/d/1kvA77J87RVNN6FRwxz5hk6s1vOcbXnYQ/view?usp=sharing

As mentioned above, in this video, a new user registers an account in the App (and the App does prompt correctly as we want the session to be able to SSO), and once they are logged in, the user clicks on the 'Wellbeing Platform' link, which should take them to a website which performs SSO and doesn't ask them to login again, but instead they are forced to re-enter their credentials.

[Widcket]

Hi @chookhen60, thanks for the video.

I'm unable to reproduce the issue:

https://user-images.githubusercontent.com/5055789/182273483-9140472b-bbef-43fa-838d-28f9c0d6a58d.MP4

• I'm using a custom domain
• The custom domain is set as the Auth0 domain in the native app
• The custom domain is used in the web app as well
• The API I'm using as the audience has the following setting enabled:

[Widcket]

I'd suggest checking in the logs of your Auth0 tenant for any error logs.

[chookhen60]

Thanks for testing that on your end @Widcket.

We'll have a look at those things on our end to see if we can narrow down what the issue might be, but it does seem to be an issue outside of this library (especially as yours is working as intended)

[Widcket]

Seems like your issue is solved @chookhen60, so I'll close this one. Please feel free to ping if you'd prefer to reopen.