
Keep authentication when I use an SFSafariViewController

Open Lapinou42 opened this issue 2 years ago • 1 comments

Describe the bug

When I start the authentication process (using my SSO), all is fine. I can get an access token, a refresh token, ... I also have a website using the same SSO. When I open an SFSafariViewController in my app (so I stay in my app, I'm not using the Safari app), it should keep my authentication, no? Behind the scenes, ASWebAuthenticationSession uses an SFSafariViewController, right? And cookies are shared between SFSafariViewController instances only if I stay in my app, right?

To Reproduce

Steps to reproduce the behavior: (requirement: you need to have a website to test the auth between your app and your website)

  1. Start a new auth flow
  2. Open an SFSafariViewController and launch your website
  3. Check if you are authenticated

Smartphone (please complete the following information):

  • Device: iPhone 12 (all devices show the same behaviour)
  • OS: 15.1.1
  • Browser: SFSafariViewController

Thank you for your feedback.

Lapinou42 avatar Nov 25 '21 12:11 Lapinou42

I'm not 100% sure, but to my knowledge ASWebAuthenticationSession does not share cookies with SFSafariViewController, or mobile Safari for that matter. It only shares cookies with other apps using ASWebAuthenticationSession, unless prefersEphemeralWebBrowserSession was set to true.

holgerde avatar Nov 26 '21 12:11 holgerde

@Lapinou42 Did you find a solution to this?

evanspa avatar Oct 20 '22 20:10 evanspa

> ASWebAuthenticationSession does not share cookies with SFSafariViewController

Seems to be correct. Opening a new instance of an SFSafariViewController won't retain your authentication from a previous login.

What worked for me was instead of opening a new SFSafariViewController instance, I opened an ASWebAuthenticationSession. On open, I remained authenticated in my website (after logging in previously).

pvtan avatar Oct 25 '23 06:10 pvtan

@pvtan Yes, doing it this way may work if the URL you try to open is on the same domain as your SSO provider URL or if you configured the Apple Associated Domain.

Lapinou42 avatar Oct 25 '23 09:10 Lapinou42
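
The workaround described in the comments above, as an added example that is not part of the original thread or of AppAuth-iOS: the website is opened in an ASWebAuthenticationSession rather than a new SFSafariViewController. It assumes the earlier login also ran in a non-ephemeral ASWebAuthenticationSession; the class name `SharedSessionWebPresenter`, the `open(_:callbackScheme:)` method and the window passed in are hypothetical.

```swift
import AuthenticationServices
import UIKit

// Added example (hypothetical names): opens a web page in ASWebAuthenticationSession
// so it can see cookies left by an earlier non-ephemeral ASWebAuthenticationSession login.
final class SharedSessionWebPresenter: NSObject, ASWebAuthenticationPresentationContextProviding {
    private let anchorWindow: UIWindow
    // The session must be kept alive while its sheet is on screen.
    private var session: ASWebAuthenticationSession?

    init(anchorWindow: UIWindow) {
        self.anchorWindow = anchorWindow
    }

    /// - Parameters:
    ///   - url: the page to open (for example the website behind the same SSO).
    ///   - callbackScheme: custom scheme that ends the session on redirect, or nil.
    func open(_ url: URL, callbackScheme: String?) {
        let session = ASWebAuthenticationSession(url: url,
                                                 callbackURLScheme: callbackScheme) { [weak self] callbackURL, error in
            defer { self?.session = nil }
            if let authError = error as? ASWebAuthenticationSessionError,
               authError.code == .canceledLogin {
                return // the user closed the sheet; nothing to handle
            }
            if let callbackURL = callbackURL {
                print("Session ended with redirect to scheme: \(callbackURL.scheme ?? "none")")
            }
        }
        session.presentationContextProvider = self
        // false keeps the shared cookie store; true would start with a private,
        // empty store and the page would ask for credentials again.
        session.prefersEphemeralWebBrowserSession = false
        self.session = session
        if !session.start() {
            self.session = nil
        }
    }

    func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {
        anchorWindow
    }
}
```

With the non-ephemeral setting, iOS shows its sign-in consent prompt before the page loads.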