Always show "choose account" prompt for Hosted UI / Social Sign In

[nikhilvashisht]

Updated Description

Request: When an end user logs in via Hosted UI (Sign in with Google, Apple, etc.) the prompt to choose account should always be displayed. This should either be the default behavior, or be configurable.

Current Behavior: The choose account prompt will not display if the user is already logged into one (and only one) account. Below is the detailed behavior using Sign in with Google:

• If you are not logged into any Google accounts in your default browser* you will be prompted to login to a Google account when using social sign in with Google.
• If you are logged into exactly one Google account in your default browser* you will not be given the choice of which account to use. You will be automatically logged in with that account.
• If you are logged into multiple Google accounts in your default browser* you will be given the choice of which of those accounts you want to use each time you sign in.

*The browser used for social sign in will be the default browser for the device on all platforms with the exception of on iOS which will always use Safari.

Original Description

### Description I am trying to use amplify's social login with web ui in my flutter app. The app prompted to choose a user to sign in through google account when I first tried the feature, but it no longer opens the 'choose user to sign in' screen when I call .signInWithWebUI() method. Here's the log - ``` D/AWSMobileClient(22810): onSuccess: HostedUI signed-in D/AWSMobileClient(22810): _federatedSignIn: Putting provider and token in store D/AWSMobileClient(22810): Inspecting user state details D/AWSMobileClient(22810): hasFederatedToken: true provider: cognito-idp.us-east-1.amazonaws.com/us-east-1_Nxx ``` Here is my AndroidManifest.xml - ``` ``` Here's amplifyconfiguration.dart - ``` const amplifyconfig = ''' { "UserAgent": "aws-amplify-cli/2.0", "Version": "1.0", "auth": { "plugins": { "awsCognitoAuthPlugin": { "UserAgent": "aws-amplify-cli/0.1.0", "Version": "0.1.0", "IdentityManager": { "Default": {} }, "CredentialsProvider": { "CognitoIdentity": { "Default": { "PoolId": "poolid", "Region": "region" } } }, "CognitoUserPool": { "Default": { "PoolId": "poolid", "AppClientId": "appclientid", "Region": "region" } }, "Auth": { "Default": { "OAuth": { "WebDomain": "xx.amazoncognito.com", "AppClientId": "appclientid", "SignInRedirectURI": "myapp://", "SignOutRedirectURI": "myapp://", "Scopes": [ "phone", "email", "openid", "profile", "aws.cognito.signin.user.admin" ] }, "authenticationFlowType": "USER_SRP_AUTH", "socialProviders": [ "FACEBOOK", "GOOGLE" ], "usernameAttributes": [], "signupAttributes": [ "EMAIL" ], "passwordProtectionSettings": { "passwordPolicyMinLength": 8, "passwordPolicyCharacters": [] }, "mfaConfiguration": "OFF", "mfaTypes": [ "SMS" ], "verificationMechanisms": [ "EMAIL" ] } } } } } }'''; ``` Haven't tested this out on iOS, but I am facing this issue on Android. Have I missed anything? Please help me resolve this issue. ### Categories - [ ] Analytics - [ ] API (REST) - [ ] API (GraphQL) - [X] Auth - [ ] Authenticator - [ ] DataStore - [ ] Storage ### Steps to Reproduce _No response_ ### Screenshots _No response_ ### Platforms - [ ] iOS - [X] Android ### Android Device/Emulator API Level _No response_ ### Environment ```bash Doctor summary (to see all details, run flutter doctor -v): [√] Flutter (Channel stable, 2.10.4, on Microsoft Windows [Version 10.0.22000.556], locale en-IN) [√] Android toolchain - develop for Android devices (Android SDK version 31.0.0) [√] Chrome - develop for the web [√] Visual Studio - develop for Windows (Visual Studio Build Tools 2019 16.11.9) [√] Android Studio (version 2020.3) [√] VS Code (version 1.66.2) [√] Connected device (4 available) [√] HTTP Host Availability • No issues found! ``` ### Dependencies ```bash - amplify_analytics_pinpoint 0.4.5 [amplify_analytics_plugin_interface amplify_analytics_pinpoint_android amplify_analytics_pinpoint_ios amplify_core flutter plugin_platform_interface] - amplify_auth_cognito 0.4.5 [flutter amplify_auth_plugin_interface amplify_core amplify_auth_cognito_android amplify_auth_cognito_ios collection plugin_platform_interface] - amplify_flutter 0.4.5 [amplify_analytics_plugin_interface amplify_api_plugin_interface amplify_auth_plugin_interface amplify_core amplify_datastore_plugin_interface amplify_storage_p lugin_interface collection flutter json_annotation meta plugin_platform_interface] - carousel_slider 4.0.0 [flutter] - cupertino_icons 1.0.4 - dots_indicator 2.1.0 [flutter] - firebase_auth 3.3.7 [firebase_auth_platform_interface firebase_auth_web firebase_core firebase_core_platform_interface flutter meta] - firebase_core 1.12.0 [firebase_core_platform_interface firebase_core_web flutter meta] - flutter 0.0.0 [characters collection material_color_utilities meta typed_data vector_math sky_engine] - flutter_otp_text_field 1.0.0 [flutter] - flutter_screenutil 5.2.0 [flutter] - flutter_svg 1.0.3 [flutter meta path_drawing vector_math xml] - fluttertoast 8.0.8 [flutter flutter_web_plugins] - font_awesome_flutter 9.2.0 [flutter] - google_sign_in 5.2.3 [flutter google_sign_in_platform_interface google_sign_in_web] - http 0.13.4 [async http_parser meta path] - intl 0.17.0 [clock path] - intl_phone_number_input 0.7.0+2 [flutter meta libphonenumber_plugin equatable collection] - page_transition 2.0.5 [flutter] - provider 5.0.0 [collection flutter nested] - shared_preferences 2.0.13 [flutter shared_preferences_android shared_preferences_ios shared_preferences_linux shared_preferences_macos shared_preferences_platform_interface shared_pr eferences_web shared_preferences_windows] ``` ### Device OnePlus 8T ### OS Android 12 ### CLI Version 8.0.1 ### Additional Context _No response_

[haverchuck]

@nikhilvashisht I believe this might be a limitation with the Cognito service's Hosted UI feature, but we will try to investigate a fix.

[jxstxn1]

I am facing the same Issue with Microsoft Active Directory LogIn. What about a LogInOption like "shouldShowUserSelector". Then Amplify is redirecting to the Google SignIn Mandatory.

Found a similar Issue in the AmplifyJS Library too.

[AllenKaplan]

This change change is a bit frustrating to deal with... Has anyone figured out how to get around it?

@Jordan-Nelson I see you assigned it to yourself, any idea how far in the backlog this is?

If this isn't resolved in the next month we'll be dropping amplify and perhaps cognito as a whole :/

[hiru-vn]

Hope this will get fixed soon, we are currently remove signInWithWebUI feature and waiting for this.

[Jordan-Nelson]

Hello all - In order to fully resolve this issue and present the account chooser screen each time the prompt parameter is required. This parameter is currently not supported by Cognito. Support for this in in their backlog, but I do not have a timeline when support will be added.

We recently released a new developer-preview version of amplify-flutter (amplify_flutter v1.0.0-next.0) that I believe will improve (but not completely resolve) this issue. With the new version, the behavior should be aligned across each platform.

The behavior in the new version should be as follows:

• If you are not logged into any Google accounts in your default browser* you will be prompted to login to a Google account when using social sign in with Google.
• If you are logged into exactly one Google account in your default browser* you will not be given the choice of which account to use. You will be automatically logged in with that account.
• If you are logged into multiple Google accounts in your default browser* you will be given the choice of which of those accounts you want to use each time you sign in.

*The browser used for social sign in will be the default browser for the device on all platforms with the exception of on iOS which will always use Safari.

You can read more about the developer preview release in the blog post and docs. If you have a chance to try out this dev-preview version, please let us know if you have feedback.

[benedict1986]

Hi @Jordan-Nelson, thank you for explaining the new behavior. For google sign in, it works as want you said. How about for Facebook?

I am testing my application now with Facebook sign in. After I signed in with Facebook, I am not able to change Facebook user anymore. Even I delete the Facebook user in Cognito, the record will also be recreated without asking me to sign in again.

Is there any way for this? Thank you

[Jordan-Nelson]

@benedict1986 - I believe if you sign out of Facebook in your devices default browser, it will prompt you to sign in again. This would be the same behavior as Google. Please let me know if you are seeing different behavior.

[benedict1986]

Thank you @Jordan-Nelson, it works. I need to sign out from the browser.

[raph]

If you are logged into exactly one Google account in your default browser* you will not be given the choice of which account to use. You will be automatically logged in with that account.

The SDK should offer a way to force the multiple account view even if only one account is present. In my opinion, it is an undesirable behavior to have the app decide automatically which account to use for signin without informing the user.

@Jordan-Nelson is such an option on the roadmap ?

[Jordan-Nelson]

Hello @raph - This is not currently on the roadmap for Amplify as it requires a change from Cognito first. There is an open request with Cognito to support this, but I do not know if this in on the Cognito roadmap yet.

If this is something you would like to see supported, please give the issue a 👍. It helps us quickly gauge interest in a request and pass that feedback/interest along to the Cognito team.

[KOSSOKO]

Hello @Jordan-Nelson, yes it is an important required feature. We are also facing the same issue right now.

[naseem-dev]

Facing the same issue.

[pablovargasosorio]

Hey @Jordan-Nelson I would say the same ☝️ It's an important feature. The user doesn't know he has to close the Google/Microsoft/whatever session in another browser tab in order to login with a different user. So he thinks like logout is not actually working....

[MensurRasic]

Same issue over here

[alexomon018]

Having the same issue also..

[ddlabs-mfchan]

Having same issue here, if we can pass prompt parameter really help

[AdrshBista]

Hi, any news on wheather this is being worked on or not?

[alexomon018]

@AdrshBista Actually I think there is a new version of amplify v6. I haven't tried it yet but it might have the solution for this problem.

[Jordan-Nelson]

Hi folks, this is not currently being working on in Amplify as it requires changes in Cognito. As far as I know this is not being worked on in Cognito.

@alexomon018 Amplify JS v6 was released recently. I don't think this issue is resolved in Amplify JS v6 as it requires changes in Cognito. Also, Amplify JS is separate from Amplify Flutter. The latest version of Amplify Flutter 1.x.

[flodaniel]

@Jordan-Nelson can you work with the Cognito team to get some visibility into their roadmap? The amount of tickets that are blocked by the Cognito team is staggering and probably also very frustrating for the amplify team. While the amplify team is quite transparent through Github activities for us developers it just appears like nothing is being worked on by the Cognito team.

[mtourj]

This is a problem for us too. I've observed the same as @flodaniel, seems a lot of issues we run into using Amplify are blocked by Cognito

[bharathiselvan]

I’m experiencing the same issue. Are there any solutions or workarounds available? Thanks in advance!

[Equartey]

Hi @bharathiselvan,

This feature request is still in our backlog and we do not have any other guidance at this time.

When have updates, they will be provided here.