Amazon web services - SSO not working in iOS when using AWS Cognito and Azure AD

allanc
June 27, 2024
165 views
0 votes
2 Answers

We are using Azure AD as OIDC Identity Provider in AWS Cognito.
In iOS side, we use ASWebAuthenticationSession to show a web view and let the user login. User can login successfully but the issue is when opening Safari browser in the iPhone and going to the user’s Microsoft account, the user needs to input his/her credentials.

Notes:

prefersEphemeralWebBrowserSession is set to false
We’ve tried to use older APIs such as SFSafariViewController and SFAuthenticationSession
We have our own Authorization and SSO is working between our app and Safari.

Anything we’re missing for SSO to work between our app and Safari app?

Answers

Chosen as BEST ANSWER
- allanc
- June 27, 2024 at 8:26 am
- 0 votes
0
It seems SSO depends on a couple of things
- How do authentication services store the cookies
- What API you use to login the user
Found this very useful blog from Okta that summarizes cookies sharing between Safari app, SFSafariViewController, SFAuthenticationSession, ASWebAuthenticationSession.

(Edit)

- RobloxHero
- June 27, 2024 at 6:35 pm
- 0 votes
0
You should be able to create a link with the authorization token for Microsoft, then redirect your app to open the link in safari. The iPhone will leave your app to open the auth link including the token.
Then if you leave your app, you would have loaded the auth info into safari for use outside your app.

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.

Amazon web services – SSO not working in iOS when using AWS Cognito and Azure AD

Answers