Avoid sign-in screen with iOS native app after initial sign-in

When using a native mobile app, how can we get the Okta sign-window to know that the user has already logged in, to not show the login screen and simply redirect back to the app?

• Is this something the app must handle by validating the token before calling the okta sign-in?

Context:

• iOS native app
• not using okta SDK, but making direct API calls
• using ASWebAuthenticationSession, with prefersEphemeralWebBrowserSession = false

What is working:

• PKCE flow
• Okta sign-in window
• Fetch access token and refresh token
• Calling Node.js server and validating JWT

So this is all good.

However, if the app then directs the user again to the Okta sign-window, the user must again login.

Thanks,

Hi @SandyP! Unfortunately, ASWebAuthenticationSession doesn’t share cookies with Web Views - this is an iOS limitation. Please see:

• https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession
• https://github.com/openid/AppAuth-iOS/issues/432#issuecomment-523904316

Thanks Semona.

Is there a best practice/recommended flow when using iOS for an Okta login?

For example, should the IOS app do a token validation before starting the sign-in flow? Would this be something reasonable?

Or is there another work-around that you can recommend?

@SandyP you may want to look into our Auth Swift SDK as there has been a workaround there https://github.com/okta/okta-auth-swift/issues/98.

Hi, I don’t see how that example uses ASWebAuthenticationSession() from iOS 14.

I am trying avoid the Okta sign-in page when the user has already Okta logged in from the same app