adal.js is stuck at waiting for MFA on iOS

[mark-szabo]

There is a Progressive Web App (PWA) using React and adal.js to authenticate users with their corporate account. The webapp is packaged with cordova into an iOS app (project created with PWABuilder).

Authentication works perfectly on every platform except iOS (Windows, Android, browser).

I open the app, it redirects to AD (login.microsoftonline.com), I type in my email (it redirects to msft.sts.microsoft.com), then the password, get redirected to the MFA page and sends a notification to the same iOS device I've opened the app (the actual device is configured as the second factor authentication). I click the notification, the Microsoft Authenticator app opens, I authenticate with TouchID. So far, so good.

The problem surfaces when I then switch back to the app and it is still waiting for MFA auth verification. Waiting forever.

Screen recording: https://carwashu.blob.core.windows.net/etc/authenticator_error.mp4

This lets me draw the conclusion that the app in the background is in sleep mode or something as it does not get the verification.

BUT: if I let the MFA request time out (don't click the notification), AD presents the option to use phone authentication. I pick up the call type in my pin code (app is in the background, dialer is above it) and when the dialer is closed the authentication succeeded and I'm in the app, authenticated as I'd expect.

Screen recording: https://carwashu.blob.core.windows.net/etc/phone_auth.mp4 (for some reason, recordings stops when the phone starts ringing, but anyway it works as I described above, phone auth says 'successfully verified', app gets authenticated correctly)

[aharris]

I have this exact same issue. Any progress on this?

[mark-szabo]

Hi @aharris, nope, sadly. We haven't released the iOS app because of this blocking issue. iOS users must use the browser version...

[mark-szabo]

@aharris Although I'm looking at this repo: https://github.com/xtools-at/iOS-PWA-Wrapper Maybe this could help.