Hi,
I am adding SSO to an existing internal company iOS app, so people at my company can authenticate using the same credentials they use on other company systems. I have added authentication using the “redirect model” and it is working adequately.
The fact that it asks the user for permission to open the browser for sign-in and sign-out is not the greatest user experience. I have seen some posts here from a year or two ago stating that there is no way to prevent that for the redirect model; is that still true?
If so, what are other possible options for authentication? Could I create my own native iOS sign-in page, and use the “resource owner password flow” as described here? Are there any other alternatives, since the documentation there discourages using that flow?