I am experimenting with Okta and the “okta-openidconnect-appauth-ios” test program to see what Okta can do on iOS 11.
I have set up the test program and was able to log in and get tokens, as well as see the user info, etc.
However, when I restart the app, or try to do the same thing from another app linked to the same clientID, I only see the username field filled in, and password is blank.
I was under the impression that I should be seeing SSO (meaning I don’t have to re-enter in my password) in these cases.
Is there something I need to specially configure to support this?
Thanks very much for the suggestion. Unfortunately the app you referred to has the exact same behavior: the name is auto-filled but the password is blank (even though I have chosen ‘remember me’. The SSO does work if I clear the token and try to Login again without killing the app.
So I guess nobody has tested this on iOS 11 yet?
Let me know if you have any other ideas as I really wanted to see Okta working with iOS 11 (ideally OIDC).
When iOS 11 was released, internal teams at Okta decided to not persist an Okta session when using SFAuthenticationSession. This is a huge blocker for native SSO use cases, and our team is working on getting that changed now.
In the meantime, you could enable iOS keychain sharing to your apps by using access groups. This will allow sharing a user’s accessToken + idToken across apps. I’m working on making this easy with the next version of okta-sdk-ios-appauth.
I’ve created an issue here - so please feel free to follow along to get the most up-to-date information.
Just checking to see if there has been in progress with this. Also, wanted to see if anybody was able to achieve workaround with access groups. If so, how? Thank you.
