I have an iOS app, using a native login, based on the custom example.
This works perfect and I am happy with it.
I have a requirement to open an embedded WKWebView within my app, that SSO’s a user in.
The url looks something like this:
https://{my-okta-org}.com/app/{some-okta-app-id}/exkms5nzsh0tD0kO10h7/sso/saml?RelayState={some-relay-state}
When I launch this however within my web view, I am redirected to an Okta login page. I would expect this really as the embedded view has no context of the authenticated session.
How can I set my session against this webview without asking the user to sign in again? As I have used the native login, I do not have a cookie set, so I suspect I will need to request one but am unsure of the flow required in this case.
I would recommend to not use WKWebView for SSO 1.Not secure, using javascript you can get user login and password 2.Cookies not share between your session and Safari(you are loosing all SSO magic) 3.WKWebView has problems with cookie synchronizing Apple thread and you need manually manage your cookies
I am working on a react-native app that uses the Spotify api.
Long story short, I had to use the LiknkingIOS Library to open the auth page in the Safari app and get the necessary tokens and all works, I even got to redirect to my app one the user is successfully authenticated using a custom URL scheme.
The only problem is that a prompt saying "Open in 'myApp'?" appears.
I need help figuring out a way to avoid the prompt from appearing or using another component to open Spotify's auth page without leaving the app.
I am new to IOS development.
I am creating an application where i have to open website from ios app.
On app - when user opens the app first time i am telling user to login and i am saving the credentials to keychain so that user don't have to login every time.
As per my client's request i need to create a button link to website. when the link will open ther should be automatically logged in to website.
I know that i can use (BOOL)[UIApplication openURL:(NSURL *)url] to open a url in safari but NSURL does not contain any request data.
Is there any other solution? I don't want to make GET request as it's not a safe option.
Thanks
My requirement is to create a Blackberry Application Where it needs Authentication to open. Right now I created an Simple Blackberry Application Which can be opened by anyone. But I need to put a Dialogbox where it asks for username and Password. Once the credentials are valid then only the app should load. For the time being i need a dialgbox when the my app is clicked. Validation of the credentials can be done at later point of time.
I have a need to set some context via Safari (a context token), and then read that context from a native iOS app. What are the best practices for doing this?
A couple thoughts so far:
Set the context in an HTML 5 database, but I'm not sure this will work because the database might be only accessible from Safari. Would using a WebUIView in the native app allow me to access the same HTML5 database / local storage as Safari?
Set the context in device storage, but I'm not sure this will work because I don't know if Safari can actually write to device storage.
I would suggest one of these two options:
Let the web server keep track on the user both in the app and on the website, for example by creating a user account.
or
Pass the context token to the app immediately via an URL-scheme by registering your app as a protocol handler, see more info here
Suggested way:
Send e-mail with link and context token, when user clicks link, save context token in cookie in safari, then redirect to appstore for app download.
When the user downloaded the app and opens it, present a button for the user, when the user clicks it, open a web page in safari.
Safari loads the cookie with the context token, and then triggers another link using a URL-scheme like yourAppName://contextToken=12345678. The link opens your app which reads the context token from the URL.
There is no best practice for directly sharing data between safari and a native app directly and that it is simply not intended that you should do that. All cookies and storages are sandboxed for each app and safari has its own sandbox.
Letting your server doing the job via user accounts is the best and clean way i.m.o. That is why you have user accounts. If you didn't try out the protocol handler for reading specific URLs, that could also be made handy I think.
Could you have the app hit a URL on first launch hosted by server which is redirecting the user in safari, and compare IP addresses, time, iOS version, etc to get at least an approximate match? If an approximate match is insufficient, you could, when you see an approximate match, have your app open safari to confirm their identify via cookie.
It’s easy to send messages between a UIWebView and your native up using WebViewJavascriptBridge.
In your case, though, the accepted answer’s suggestion of using a custom URL scheme (directly from email to app, post-install) makes the most sense.