Enabling Custom Login for use with iOS App

Hi, i’m developing an secured iOS (Swift) application for my company and have integrated Okta as the identity provider. We are presently using the PKCE flow and it works great using the Okta-AppAuth iOS SDK.

However, i have been trying to customize my login page as the default login page from Okta does not go well with my application theme. I read on okta documentation that i could make use of Okta Signin Widget to customize my page. I did give it a try and followed all the steps as in the document. My login page launches successfully when i run “npm start” - it built my widget successfully, runs the server and launches my login page on mac safari browser.

All well, till this point, the problem, i am facing is when i run my iOS app and it launches the login page, i don’t see the login page as in the widget but instead the app displays the default login page from okta.

I have been trying to find an answer to this for the past 2 days.

Appreciate any help urgently.

Thanks,
Deepak B

Hi @deepakbadiger!

The okta-sdk-appauth-ios SDK uses your Okta organization’s Hosted Sign-In Page when the embedded browser is appears. This is mapped directly to the issuer in your Okta.plist file. For example, if your issuer is https://example.oktapreview.com/oauth2/default, the page loaded in the native app’s browser is similar to what you can see at: https://example.oktapreview.com.

That being said, it sounds like you’re attempting to run a custom build of the Sign-In Widget instead of using your organization. The Sign-In Widget handles OAuth 2.0/OpenID Connect flows, but does not act as an OAuth 2.0 Authorization Server. You’ll still need to point your native app to an OAuth 2.0 authorization server in order to successfully authenticate your users.

The ability to update the Hosted Login Page for your Okta organization is currently being tested in a closed Beta program. If you’d like some information on participating, email us at developers@okta.com.

As an alternative, you can use the Resource Owner Password Flow to authenticate your users. Here, you can take your user’s username and password, and directly submit a /token request to Okta for an idToken and/or accessToken. Documentation on that for the SDK is available here. Please be advised that this is not recommended for production, as you’re placing a secret identifier inside of your publicly distributed application.

Hopefully this helps clear a few things up!

Hi @jmelberg,

Thank you for the prompt reply.

To provide you with more clarity, I’m trying to customize my login page that comes up on my device when i invoke the login() method from the okta-sdk-appauth-ios. The appearance module on the okta -> settings page only allows me to add my company logo, but it does not allow me to customize the look and feel of the login page.

Also, based on the okta documentation for iOS, for “Implementing Okta Signin” using Sigin-widget, i ended up running my own instance of the signin-widget hosted server, to do that, i followed the instructions here. But this did not help, as even after enabling the CORS in my account -> API settings, the okta login page, when it is launched on the device after invoking the login() method from SDK, my default okta login page is not redirected to the signin-widget instance that i’m running on local instance.

I’m not a server side developer so i must admit my knowledge on javascript and server technologies is very limited. But, all that i want to achieve is to have a customized login page with the background colors, logo and custom instructions when i call the login() method available in the sdk.

Hope that provides some insight of what i’m doing and what i’m trying to achieve.

Thanks.

@deepakbadiger totally makes sense - unfortunately, you need the Custom Hosted Login page feature that is currently in beta that Jordan was talking about. You will also be able to modify the URL in which the page is hosted.

So if your application is called banhmi your login page could be login.bahmiapp.com

We are working hard to get these features out the door. For more information, hit us up at developers@okta.com

1 Like

Hi @tom,

That was a crisp and clear reply. Thanks for the clarifications.
I would definitely like to participate in the beta program. Will drop an email to developers@okta.com

Thanks,
Deepak B