aws-amplify
Apple Sign-In with signInWithWebUI() not redirecting back to app, or closes immediately without sign-in
Description
There are two unexpected behaviors when using Amplify.Auth.signInWithWebUI with AuthProvider.apple in a Flutter iOS app.
Case 1: Using isPreferPrivateSession: true
final result = await Amplify.Auth.signInWithWebUI(
provider: AuthProvider.apple,
options: SignInWithWebUIOptions(
pluginOptions: CognitoSignInWithWebUIPluginOptions(
isPreferPrivateSession: true,
),
),
);
This opens the Apple sign-in sheet properly.
After the final step, the sheet does not redirect back to the app.
The signInWithWebUI() call remains suspended indefinitely.
Case 2: Without pluginOptions (default behavior)
final result = await Amplify.Auth.signInWithWebUI(
provider: AuthProvider.apple,
);
This causes the Hosted UI or Apple sign-in dialog to open and close immediately.
No login occurs.
No errors are thrown in Dart.
Hosted UI briefly flashes and disappears.
**What Works**
When testing the redirect_uri manually in Safari:
https://<domain>.auth.<region>.amazoncognito.com/oauth2/authorize?...&redirect_uri=myapp://callback...
The redirect (myapp://callback) correctly opens the app.
So the deep link handler in the app is working.
App & Amplify Configuration
{
"auth": {
"plugins": {
"awsCognitoAuthPlugin": {
"UserAgent": "aws-amplify-cli/2.0",
"Version": "1.0",
"IdentityManager": {
"Default": {}
},
"CognitoUserPool": {
"Default": {
"PoolId": "myid",
"AppClientId": "Appid",
"Region": "uss"
}
},
"Auth": {
"Default": {
"OAuth": {
"WebDomain": "mydomain",
"AppClientId": "AppId",
"SignInRedirectURI": "myapp://callback",
"SignOutRedirectURI": "myapp://signout",
"Scopes": ["email", "openid", "profile"]
},
"authenticationFlowType": "USER_SRP_AUTH"
}
}
}
}
}
}
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLSchemes</key>
<array>
<string>myapp</string>
</array>
</dict>
</array>
Future<void> _configureAmplify() async {
try {
await Amplify.addPlugins([AmplifyAuthCognito()]);
final configString = await rootBundle.loadString('assets/configuration.json');
await Amplify.configure(configString);
} on Exception catch (e) {
print('Error configuring Amplify: $e');
}
}
**package versions**
amplify_flutter: ^2.6.3
amplify_auth_cognito: ^2.6.3
flutter version : 3.32.1
### Categories
- [ ] Analytics
- [ ] API (REST)
- [ ] API (GraphQL)
- [x] Auth
- [x] Authenticator
- [ ] DataStore
- [ ] Notifications (Push)
- [ ] Storage
### Steps to Reproduce
https://github.com/user-attachments/assets/f8c2b01f-3e22-445b-a3f3-861ec5e46bc1
<!-- Failed to upload "ScreenRecording_06-25-2025 17-13-19_1.MP4" -->
### Screenshots
https://github.com/user-attachments/assets/89fe1576-8da1-4c57-9e74-7855d4cb9586
<!-- Failed to upload "ScreenRecording_06-25-2025 17-13-19_1.MP4" -->
### Platforms
- [x] iOS
- [ ] Android
- [ ] Web
- [ ] macOS
- [ ] Windows
- [ ] Linux
### Flutter Version
3.32.1
### Amplify Flutter Version
2.6.3
### Deployment Method
Amplify Gen 2
### Schema
```GraphQL
@tyllark Please advise This is a known issue with preferPrivateSession
There's a workaround or fix available for iOS OAuth redirect handling
A specific plugin update or setup is required
Hello @akshaykanhasoft1, I've been unable to reproduce the issue while using the same SignInRedirectURI, SignOutRedirectURI, and CFBundleURLSchemes that you provided. Could you please verify your iOS deployment versions are at least 13.0 as per our iOS platform setup, other customers have experienced similar issues because of this.
If that doesn't resolve the issue can you please collect Safari logs from your mobile browser for private and non-private sessions. You will need to enable web developer features on your mac and enable inspection on your iOS device then you can open the web inspector once you are in the Apple Sign In WebView via `Safari -> Develop -> [YOUR IOS DEVICE].
