Make private session the default for signInWithWebUI

[Nfgyou]

Is your feature request related to a problem? Please describe.

Using signInWithWebUI without setting the options to .preferPrivateSession() will cause the user to get a really confusing pop-up on signOut and wouldn't actually log the user out unless approved.

However if the options is set to .preferPrivateSession() it would work fine.

This becomes an issue in the case of deleing the app and downloading it again, I would like to sign the user out when the app is re-downloaded after deletion, but it isn't possible unless the user approves the signOut.

Since there is not way to control the time a session is active for and there is no way to know if the app is being deleted. signOut needs to be done on opening the app after re-download.

Describe the solution you'd like

I would like the default behaviour to be private session.

or

The ability to control sessions via timeout.

Describe alternatives you've considered

@atierian guided me to a work around and explained the that .preferPrivateSession() is using a user default value with the key "AWSCognitoAuthPluginUserDefaults.privateSessionKey" so setting that value when the app first opens after re-download mitigates the issue for future users.

Is the feature request related to any of the existing Amplify categories?

Auth

Additional context

No response

[github-actions[bot]]

This has been identified as a feature request. If this feature is important to you, we strongly encourage you to give a 👍 reaction on the request. This helps us prioritize new features most important to you. Thank you!

[atierian]

Thanks for opening this feature request @Nfgyou. We'll update here with any news.

[royjit]

Amplify Auth has added the feature to clear the cached credentials if the app is a fresh install. This feature was released in v2.0.0. We cannot make the private session as the default feature because that will be a breaking change for the existing users.