When using a native mobile app, how can we get the Okta sign-window to know that the user has already logged in, to not show the login screen and simply redirect back to the app?
- Is this something the app must handle by validating the token before calling the okta sign-in?
- iOS native app
- not using okta SDK, but making direct API calls
- using ASWebAuthenticationSession, with prefersEphemeralWebBrowserSession = false
What is working:
- PKCE flow
- Okta sign-in window
- Fetch access token and refresh token
- Calling Node.js server and validating JWT
So this is all good.
However, if the app then directs the user again to the Okta sign-window, the user must again login.