We have added the face id description key in plist
NSFaceIDUsageDescription
This app requires Face ID permission to authenticate using Face recognition.
We are getting system pop up for accessing face id we want to dismiss that pop up.
Please see the pop up in image:
Unfortunately, you can't do it.
It's not under developer control. If you've added Face-ID authentication code in you application, then during first time application launch, it will prompt user to grant your app, face-id authentication.
And you must provide a privacy statement in info.plist, describing user in brief, for what purpose you need access to use face-id authentication.
Here is more detail about data security and user permission for private data access:
iOS 11.0 Security
In short, You can't skip this popup, if you've added code to access private information.
Related
I'm creating an app where the user has to login and can use FaceID or TouchID to speed up the log in process.
Using FaceID or TouchID for the login can be enabled or disabled in the internal settings of the application.
When first using TouchID/FaceID the user has to grant these permissions to the app. I want that this permission request dialog appears as soon as the user enables biometric authentication in the app settings and not right before the user logs in using it.
I didn't find anything with google so I doubt this is even possible.
This is possible if you prompt the user to perform Touch or Face ID when the feature is enabled within the app.
As far as I know, there is no other way to trigger this permission prompt.
On iOS 11, Apple introduced a new way to share auth data between the web and a Mobile App with SFAuthenticationSession.
It would be a bad user experience to show the SFAuthenticationSession prompt to every new users - that might have never used my website - to have them agree and then get nothing out of it and have ask them to login.
The documentation is pretty empty on Apple side. This is the only example I found.
Is there a way to know if there is a cookie available before showing the SFAuthenticationSession prompt? Or maybe, with the Associated Domains enabled, when authenticating with my domain, the system should not show the prompt?
No. Even if there aren't cookies, the user can login entering his username/password and then clicking on "Login"/"Enter" on the website (E.g: Facebook, Instagram).
Accessing the cookies won't be enabled:
When the webpage is presented, it runs in a separate process, so the user and web service are guaranteed that the app has no way to gain access to the user’s credentials. Instead, the app gets a unique authentication token.
Official docs
Working example for Instagram-OAuth: https://github.com/dvdhpkns/SFAuthenticationSession-Instagram-Oauth
And the GitHub repo you added was posted by the author to send a bug report about errors in cookie sharing for local servers (rdar://33418129. Original tweet)
Are cookies shared between Safari and SFAuthenticationSession?
#DVDHPKNS
They’re supposed to be shared, but we have some timing bugs right now. Please do file bugs about what you’re seeing.
#rmondello (Apple employee)
P.S: They added more information to the docs since your original post date.
I wonder if it's possible to scan the fingerprint without show a popup view of LAContext
It is not possible. It would be a security concern.
In more details, it is controlled by the system, your app just request it to authenticate the user
I am developing iOS App which use Facebook iOS SDK 4.
When user has already done Facebook login, by doing Facebook login the dialog which shows "user has already approved your app" had be displayed.
So, do not show the dialog. I want to know whether the user has already done Facebook login.
Anyone know the good way? I think accessToken is returned if user once had done Facebook login.
FBSDKAccessToken manage current logged user's accessToken.
According to official Facebook Login guide
"FBSDKAccessToken Represents the access token provided by a successful login. Most important, it provides a global +currentAccessToken to represent the currently logged in user."
The currentAccessToken is a convenient representation of the token of the current user and is used by other SDK components (like FBSDKLoginManager).
According to above you can check either user has valid accessToken or not and based on this you can track call login method otherwise just skip to next flow.
In Facebook the access tokens are per user so you can pass them around apps and they will work. In your case if you can ship an access token from another app you will be able to skip the next logging in and use the API normally.
However I think this this thread will help you.
Things are a little bit different with iOS cause I have done a facebook login on Android and got no such issues.
I am using Cordova 3.4.0 along with the official facebook connect plugin link
The issue is that every time user opens the application. He/She has to press login and then it shows the "App already authorized screen" before the user is able to perform any action. How to prevent this addition of an action in the user flow?
I read that it is basically because the access token isn't stored by the plugin. As a result this action needs to be taken again and again. So I have now stored access token using localstorage but unfortunately don't know how to go about using it.
FB.api('/me/friends?access_token="+access_token+"', { fields: 'id, name, picture' },
Using it in the manner above results in an error saying invalid oAuth access token. Even though I placed an alert before this line to ensure that access_token had a valid value. Any help in this regard would be highly appreciate.
Just to rephrase I don't want the user to be asked to press login button every time they open the application.