Is it possible to SSO from a native app (iOS/Android) to an OIDC app?

I have two apps defined in Okta: one is for my sample native app, using the React Native sample app, custom-sign-in flow (see https://github.com/okta/samples-js-react-native). This is working fine. Second is an OIDC web-app, that uses nginx+vouch proxy to secure some web endpoints (see https://developer.okta.com/blog/2018/08/28/nginx-auth-request). This is also working fine.

Both apps use the same group / users / etc. This is all just in a basic starter developer account, nothing special - just trying out Okta to research capabilities.

I’ve also followed the directions to enable usePersistentCookie (see https://developer.okta.com/docs/guides/shared-sso-android-ios/ios/session-and-persistent-sso/) and while I can’t say “this is working” - I didn’t run into any errors in running the various Postman steps. I can retrieve the new policy & new rule and it has the correct property set.

So here’s the million dollar question … how do I got about logging into the native app, and having that SSO when I launch a webview to the web app? Before I set the usePersistentCookie, I was just getting redirected to the Okta login page when loading the webview, now I get an error from Vouch that says there are too many redirects … so, presumably (or maybe), Okta is recognizing the persistent cookie, but not setting something that Vouch needs to recognize that the login flow has completed?

I feel like I’m super close … any help is appreciated.

For future searchers - I was able to get this working. The missing piece was sharing the cookie between the native side and the webview side. I thought this was already happening, but it was not. This ended up being simpler to fix than I expected - since I’m using react-native-webview, just setting sharedCookiesEnabled = true allows the persistent cookie that’s set during the native auth flow to get passed to the webview and everything proceeds swimmingly from there.

Cheers!

1 Like