iOS SDK Redirect not working

Hello,

I’m using OktaAuth iOS SDK. Everything works fine except Okta Verify doesn’t redirect back to my application.
So opens app -> app opens webview -> user logs in -> user clicks “Send Push” -> User clicks push notification to open Okta Verify -> Approve -> user is approved. However, the Okta Verify doesn’t do anything.

I have confirmed that my url scheme is working fine with opening myself using UIApplication.shared.open() function.

Is this know bug?

Hey @sebum -

Is the native application using the iOS SDK not redirecting back after the the Okta Verify view in the browser? Or is the expectation that the Okta Verify native application re-opens the previous application?

If it is the latter, this is a known limitation to the current Sign-In flow. We have a feature request to capture the previous native application’s identifier so Okta Verify can redirect back once the user accepts the challenge/notification.

@jmelberg

Thank you for the clarification. If that is the case with Okta Verify, then I think the documentation should be updated that it is not supported. By saying how to define redirect uri for native application and url scheme, it implies that it would work.

@sebum - The iOS wrapper library handles the redirect between the browser and native application. It cannot determine which third-party application is required to complete the authorization flow. It should be the responsibility of the third-party app to navigate back to the application that initiated it (if needed).

MFA using Okta Verify does work today - it just requires the user to bring the previous application back to the foreground. Once your application is back in the foreground, the browser view will still be visible - and the user will immediately be redirected back to your app.

Hope that clears a few things up!

@jmelberg

I understand it works with browser. I was only implying to native Okta Verify to open backup my application. I cant change which app becomes foreground but only Okta Verify native app can do.

@jmelberg

One more question. If my redirect uri is actual uri, for example, https://www.google.com, will native Okta Verify open safari with the uri once user clicks “approve”?

Hey @sebum -

As mentioned above Okta Verify has no direct communication with your native application. The web browser is polling for a completed challenge from Okta Verify (i.e. user clicks approve), and once your application has returned to the foreground, the browser will redirect to a registered Private-Use URI Scheme or claimed https scheme.

@jmelberg

Maybe we are talking about same thing but just miss using terms. I know it CAN NOT open my NATIVE APP.

I’m asking after MFA using NATIVE OKTA Verify app, user clicks APPROVE, can it open safari to defined redirect uri if uri is for example actual web url like https://www.google.com?

Hey @sebum - Sorry if I am still misunderstanding your question.

Okta Verify cannot open Safari after the user clicks Approve at this time.

Once the user clicks Approve, the Login Request view segues back to the Account Chooser view.

1 Like

Ok. I now understand full flow and capabilities. Thank you.