Authentication Services

RSS for tag

Improve the experience of users when they enter credentials to establish their identity using Authentication Services.

Authentication Services Documentation

Posts under Authentication Services tag

74 Posts
Sort by:
Post not yet marked as solved
2 Replies
242 Views
Hello! I checked the developer document, looks like there's no API for passkeys from 3rd party password manager so far. My question is, will there be a new API to support sign-in (make assertion) by 3rd party password manager? (Like we can support account / password autofill by extension?) Thank you. Hubert
Posted
by dm-hubert.
Last updated
.
Post not yet marked as solved
1 Replies
219 Views
Hello, If anybody could pleeease help me, I would like to know who or where to contact to have my nickname appear correctly in Game Center on my iPhone.  Cupcakesugarpie is my long established username across the internet and e-commerce since 1999.  I also own the .com .net .org & established as personal brand, however will not let me use in Game Center as my nickname, says it is already taken.  Sincerely, Cupcakesugarpie
Posted Last updated
.
Post not yet marked as solved
2 Replies
265 Views
WebAuthn API returns fully qualified origin of the API requester in the clientDataJSON. In case of passkey native api, which information is returned and how does it look like? I cannot find such information in anywhere. Thanks in advance.
Posted
by KieunShin.
Last updated
.
Post marked as solved
2 Replies
267 Views
Hi, I want to implement FIDO based biometric authentication in our app. I don't want to use passkeys because they are only compatible with iOS 16 and higher. Is there a way to use it through the SFSafariViewController, a web view, ASWebAuthenticationSession or any another method?
Posted
by SJose.
Last updated
.
Post not yet marked as solved
1 Replies
185 Views
I'm building a FIDO2 device that is working as expected on Windows, but fails on Mac. After analyzing USB data, I see that when creating or verifying the PIN, the dialog asking for a pin pops up in the browser but it is never sent to my hardware authenticator device. I've never developed for a mac before and am looking for some advice with regards to debugging where things are breaking down.
Posted
by rohis.
Last updated
.
Post marked as solved
2 Replies
243 Views
Before promoting passkey registration, I would like to check whether the user device has platform authenticator (or passkey platform authenticator). While trying to search such feature in the docs, I cannot find it anywhere. Is this intended? If there is no such api, how can we know whether the user can register passkey?
Posted
by KieunShin.
Last updated
.
Post not yet marked as solved
0 Replies
216 Views
Trying develop a sign-in screen for a tvOS app. Getting a couple of errors. Using a sample app and it appears a number of things are happening. Here is one of the errors. 2022-10-20 15:30:43.685149-0500 testSignIn[29629:2579088] [siwa] Credential State request returned with error: Error Domain=AKAuthenticationError Code=-7074 "(null)" and then later I see the next one. 2022-10-20 15:39:39.155369-0500 testSignIn[29629:2579082] [siwa] Authorization failed: Error Domain=AKAuthenticationError Code=-7027 "(null)" UserInfo={AKClientBundleID=KaiserClix.testSignIn} I am new to Apple development so I am unsure what exactly I need. Trying to learn via the sample app but I can't get it work. Please help! Been banging my head against the wall. Thanks, Greg
Posted
by GregK63.
Last updated
.
Post not yet marked as solved
0 Replies
231 Views
From a Hybrid Cordova app, we are attempting OIDC authentication by opening the authentication URL in SFSafariViewController. Once login is successful, the session cookie is set by the server. The Cordova app then dismisses SFSafariViewController and the authentication code is passed to the app for validation. Next time when the OIDC URL is launched again in SFSafariViewController, the session cookie is missing. We can see that cookies that are correctly set by the server in set-cookie header but are not sent by safari in the subsequent calls. This issue does not happen all the time. And it is not specific to any device model. We faced the same issue earlier in iOS 14.6 and posted a query https://developer.apple.com/forums/thread/684675 and could see others facing the same problem as well https://developer.apple.com/forums/thread/663533 but the issue got fixed on its own in the next iOS update. It has resurfaced again in the latest version (16.0.2) Not sure if any update done in Safari during the iOS upgrade is causing this issue. Is anyone facing the cookie issue on iOS 14.6 or 16.0.2?
Posted
by aghilesh.
Last updated
.
Post not yet marked as solved
0 Replies
191 Views
I am also facing the same issue when I try to log in using google auth. After successful login, I want the application should navigate back in the application, Please guide me for the same.
Posted Last updated
.
Post not yet marked as solved
0 Replies
256 Views
I'd like to ask Apple about Apple's Capable Portal Mini-Browser (CPMB) WebauthN technical support and plans. In the Captive Network Portal Standards 1.0 document 3.11 WebAuthN/CTAP2 Support (FIDO2) section, It says that the CPMB should also be able to support WebAuthN, which enables password-less, MFA. Currently, it's confirmed that biometric authentication through WebAuthN is not supported when accessing the site on CPMB in iOS and MacOS. Is there any technical support plan from Apple? What's the expected schedule if Apple have a plan?
Posted
by yiwon1107.
Last updated
.
Post not yet marked as solved
3 Replies
1.1k Views
PWA Freezing after OpenID authorizes user [iOS Safari Standalone] I have built a simple PWA for our security staff that allows employees to click links and view content about our company's policies on various matters. The app uses Microsoft's OWIN middleware library to authorize our employees' access into the app via their enterprise Microsoft login creds. When a user clicks the 'Employee Sign in' prompt on our login page, they are redirected to Microsoft's domain to complete the sign-in process. Once sign in is complete, they are redirected back to our app's home page. The Problem The problem appears only to arise when iOS users (v13) pin the app to their homescreen and then launch the app in standalone mode, and only after the user has completely terminated the app and then returned. We've tested the app on Chrome, Safari (non-standalone mode), Firefox, and the issue does not present in those browswers. The app functions seamlessly up until the point that the user has completed their Microsoft signin and been redirected back to the home page. At this point, if a user clicks a link to another page (within the app), the app completely locks up, doesn't respond to further button clicks, and doesn't load the page prompted by the user. No errors are thrown in the console. What we've found immediately kicks everything back into gear is if the user switches to another app (even just for a second) and then switches back to our PWA when it's locked up. At this point, the page that the user attempted to navigate to loads immediately without further prompting and the app works 100% seamlessly after this point. It's only the initial version of the default page that freezes. Potential Causes My current working theory is that the problem is being caused by some combination of the following: Redirection to Microsoft's sign in portal. When the user is sent to Microsoft for auth and then sent back to our domain, there could be issues with session/cookie continuity. iOS's standalone mode. In conjunction with the above, is it possible that using third-party authentication and briefly leaving the domain of the PWA is causing problems with future page navigation. This is supported by the idea that no other browsers or devices have this issue, and my research suggests that Apple support for PWAs is still in its early stages. Service worker failure. We have done significant testing to ensure that a service worker is being properly installed and registered when a user first enters the site. We have checks to re-register the SW just in case it is dropped at any point in page navigation. We are confident that at the time a user is redirected back to our home page after authentication that there is an active service worker that handles page GET requests. I have also tested explicitly caching the linked pages accessible from our home page during the service worker's registration to see if serving the page from the cache would alleviate the issue. It did not. This is the code in sw.js that handles fetch requests (taken from Google's handy guide): 	// "cache-first" approach for requests from client. Will try to get the file from the cache. 		// If no match found, it will send the request onto the network. If both fail serve fallback page. 		self.addEventListener("fetch", function (event) { 				if (event.request.method !== "GET") return; 				event.respondWith( 						// Try the cache 						caches.match(event.request).then(function (response) { 								console.log("[service worker] attempting to fetch file from cache..."); 								return response || fetch(event.request); 						}).catch(function () { 								// If both fail, show a generic fallback: 								return caches.match(offlineFallbackPage); 						}) 				); 		}); I have remotely debugged the PWA in standalone using a Mac, and what I have verified is that the click event that fires when a user clicks a link to navigate to a new page IS being properly handled, so the problem truly appears to lie in the loading of the linked pages themselves. Beyond that, debugging remotely has confirmed that there are no HTTP GET errors (or any other errors) firing at all when attempting to navigate to other pages on the site. This is the first PWA I've ever built and I'm a novice with all this stuff. So I'd love to know if I'm missing anything or where I can go from here. I've scoured all the forums and can't seem to find answers anywhere. Thanks!
Posted Last updated
.
Post not yet marked as solved
1 Replies
805 Views
Hello, Apple Team. In our iOS app, we are planning to use ASWebAuthenticationSession for cookie sharing with Safari App for single sign on. Normal steps we can think of are as follows: Start ASWebAuthenticationSession. Alert dialog shows up for user permission. If the user permits, web browser shows up. A certain our web page which set cookies is loaded, and immedeiately redirect to ASWebAuthenticationSession's callbackURLScheme url without user operation. ASWebAuthenticationSession's web browser dismissed. In this case, user does nothing on the web brwoser. So if the web browser does not appear on screen, we think user experience is much better. We find out that ASWebAuthenticationSession's web browser view controller can be hidden by using presentationAnchor(for:) method of ASWebAuthenticationPresentationContextProviding protocol. In this case, only alert dialog for user permission shows up. This is very good UX for our app. But we've found following statement on SFSafariViewController document. https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller Important In accordance with App Store Review Guidelines, this view controller must be used to visibly present information to users; the controller may not be hidden or obscured by other views or layers. Additionally, an app may not use SFSafariViewController to track users without their knowledge and consent. And App Store Review Guidelines saids https://developer.apple.com/app-store/review/guidelines/ (vii) SafariViewController must be used to visibly present information to users; the controller may not be hidden or obscured by other views or layers. Additionally, an app may not use SafariViewController to track users without their knowledge and consent. ASWebAuthenticationSession document saids nothing about like this. But we would like to make clear. Are these statements applied to ASWebAuthenticationSession also? If we hide ASWebAuthenticationSession's web browser, our app will be rejected?
Posted Last updated
.
Post marked as solved
1 Replies
436 Views
Trying to implement a type that conforms to ASWebAuthenticationPresentationContextProviding. This is now causing errors with Xcode 14. With the following implementation:         final class PresentationContextProvider: NSObject, ASWebAuthenticationPresentationContextProviding {             func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {                 return ASPresentationAnchor()             }         } I get this compilation error: Call to main actor-isolated initializer 'init()' in a synchronous nonisolated context So I can annotate the class or method with @MainActor, but then I get this warning: Main actor-isolated instance method 'presentationAnchor(for:)' cannot be used to satisfy nonisolated protocol requirement Is there a way to fix this?
Posted
by rolson.
Last updated
.
Post not yet marked as solved
2 Replies
844 Views
The "Setup verification codes using" section is gone from the passwords section in Settings. During the first beta or two I saw it there, and could register my app for otpauth in the urls section in Info in XCode. However, now this is completely gone in recent betas. Is this intentional?
Posted
by tgpeter07.
Last updated
.
Post not yet marked as solved
201 Replies
75k Views
Running the sample "Juice" app, which demos the Sign In With Apple flow, doesn't seem to work with Xcode 12 beta and iOS 14 beta on the simulator (worked fine on the non-beta versions and on a real device with iOS 14 beta). Once the password for the device's Apple ID is entered, the wheel in the password field just keeps spinning. No error messages and nothing handed back over to the app from the ASAuthorizationController. Anyone else seeing this problem ? Are there any workarounds ?
Posted
by npvisual.
Last updated
.
Post marked as solved
5 Replies
4.6k Views
Hi everyone, I am trying to authenticate an user through ASWebAuthenticationSession, and after that redirect to an URL that uses the callback scheme. The authentication page URL is correctly loaded on a browser thanks to ASWebAuthenticationPresentationContextProviding. But after form completed and authentication successfully, what I am doing is a redirect directly from my server to "http://localhost:5000/ios/hola?hola=hola" I am trying to catch this URL using a callbackScheme in my iOS app, using the same url that the one which I redirected the browser to, but this is not working. I also tried to create a Scheme URL to my identifier, and pass it to the callbackScheme, but this is not working either. Documentation is not very clear at how to manage the authentication callback and as a beginner I don't know the way to solve this. Some help would be appreciated. Thank you for your time! PD: This is the code of my class @available(iOS 12.0, *) class AuthView: UIViewController {     var authSession: ASWebAuthenticationSession!     override func viewDidLoad() {       super.viewDidLoad()         if #available(iOS 13.0, *) {             configureAuthSession()         }     }  	 @available(iOS 13.0, *) private func configureAuthSession() { let urlString = "http://localhost:3000/"         guard let url = URL(string: urlString) else { return }         let callbackScheme = "http://localhost:5000/ios/matriga/hola"         authSession = ASWebAuthenticationSession(url: url, callbackURLScheme: callbackScheme)         { (callbackURL, error) in             guard error == nil, let successURL = callbackURL else { return }             let code = NSURLComponents(string: (successURL.absoluteString))?.queryItems?.filter({ $0.name == "code" }).first         }         authSession.presentationContextProvider = self         authSession.start()     } } @available(iOS 12.0, *) extension AuthView: ASWebAuthenticationPresentationContextProviding {     @available(iOS 12.0, *)     func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {         return self.view.window ?? ASPresentationAnchor()     } }
Posted
by aLosada_7.
Last updated
.
Post not yet marked as solved
0 Replies
442 Views
We're trying to test out "Sign in with Apple" for our site and have noticed there doesn't appear to be a way to bypass the 2FA requirement. Some of our site testing automation is getting held up because our testing account isn't configure to use MFA and we get a warning that "Two-Factor Authentication Required" when attempting to log in. Even Apple testing users can't sign in without being forced through MFA. Does anyone know if it's possible to disable this requirement for certain identities/services? I'm not thinking it's possible, but wanted to ask. We'd only disable this for our testing environment and not our production/live environment.
Posted
by kbowser.
Last updated
.
Post not yet marked as solved
0 Replies
356 Views
Apple rejected our app because when we use the Apple Sign Up button, the full name in the response is empty, but we need the first and last name in our app registration, so, the Text inputs in the app, first and last name is filled empty and we let the users enter those values, but Apple wants the users not to enter the values because the service already returns them but in our case are empty. We are using React native react-native-apple-authentication. Can anyone help us or have the same issue with apple review and how did you fix it?
Posted Last updated
.