Our application has implementations on both iOS and macOS. My question is regarding the differences in the login process between iOS and macOS, specifically concerning the browser session:
On iOS the framework calls an in-app browser which holds the session information created after the user logged in. Particularly on iOS this in-app browser does not share the session cookies with the Safari browser. In practice this means that the user can login in app and stay logged in while another user can open the Safari browser and authenticate itself as well thus allowing multiple authentications on a single device.
On macOS this flow is different as the login process kicks us to the default browser of the OS (outside of the app context) which maintains the session cookies for the authenticated user. This does not allow another user to use the same machine to log into Okta since the previous session will be picked up on the browser.
My question is the following:
Is there a solution in your framework that will allow the login process in macOS to be similar to the one on iOS (in-app browser storing the session)? If not, is there a workaround to this that I’m not considering right now?
PS: It’s important to notice that we were unable to use the Okta AppAuth-iOS Wrapper Library on our macOS app and for it are using the AppAuth SDK directly. Are there plans on allowing macOS apps to use the Okta AppAuth-iOS Wrapper Library? Should I create a new issue on the GitHub page for this?