Post marked as unsolved
404
Views
We have an issue with the implementation of the apple sign in on the web page: Apple recenlty changed the guidelines for the usage of the "third-party login service".
Since our app use facebook and google sign-in service, we cannot update the Apple Application on Apple store since we don't offer the sign in with safari.
So we are developing the sign in with apple in the App and on the web page, but we have some trouble during the setup of the service ID.
We have created a new Service ID with a new identifier id, but when we try to enable sign in we see an error "This request is forbidden for security reasons. The bundle '' is not a primary App."
This is quite strange because the bundle is yet enable as primary App.
We have read that someone else also have this problem, by enabling Apple sign in with an existent app. Is there someone who can help me? Without Apple login we can not upload any new version of the app. We've already written to the apple developer support but they can't help us.
Thanks.
Post marked as solved
763
Views
In our app we're performing authentication using ASWebAuthenticationSession. SSO seems to work fine in iOS 13 for different paths for the same domain but when running the same app in iOS 14, cookies don't seem to be attached to subsequent requests once authenticated in safari window.
I'm not sure if it helps :
Looking at the logging in instruments when running the app in iOS 14 device, I can see :
00:09.690.903 Default iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631f Faulting in NSHTTPCookieStorage singleton
00:09.690.929 Default iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631f Faulting in CFHTTPCookieStorage singleton
00:09.690.944 Default iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631f Creating default cookie storage with default identifier
(Above logs don't happen in iOS 13)
and later in iOS 14:
00:10.113.701 Debug iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631c Task <88E60E41-6B7B-4787-ABF6-B65C92C8FF4E>.<1> request https://testb2c.b2clogin.com/testb2c.onmicrosoft.com/b2c_1_susi/oauth2/v2.0/token is NOT allowed to set HSTS for main doc
In iOS 13 :
00:15.570.171 Debug iOSB2C (5320) CFNetwork Default iOSB2C 0x24045d Task <79A2078B-718D-4D4D-A46D-1FF1B2238431>.<6> request n/a is NOT allowed to set HSTS for main doc
00:23.139.303 Debug iOSB2C (5320) CFNetwork Default iOSB2C 0x24045d Task <88D45825-FB1E-4C38-8EFF-87A8528B61E3>.<7> request n/a is NOT allowed to set HSTS for main doc
Has anyone noticed similar issue with ASWebAuthenticationSession?
Post marked as unsolved
133
Views
Does anyone know how to implement a Keycloak Login with Capacitor on iOS?
I tried to use Capacitor as the Keycloak Adapter and used a deeplink to redirect into the app after a successful login. It’s working the first time you login but safari stays opened in the background with the keycloak page opened. On the next app start the redirect into the app or back to login is not working and i only see a blank screen. I think it’s because the safari is still opened with the previous keycloak page if i close this page and start the app it’s working again.
Post marked as unsolved
220
Views
I'm interested in leveraging WebAuthn for an App that uses a web view for authentication. One of the open questions I'm grappling with is "what's the experience difference between WebAuthn on mobile vs. a native app experience?"
The biggest difference in usability that I'm able to see from a few demos is in the authentication experience (the registration experience seems pretty similar).
In the WebAuthn mobile experience, a user is prompted with "Do you want to sign in to 'XYZ@test.com' using a saved account?" with two options (one for a saved account and the second being "Account from Security Key"). I'd imagine this is different from mobile native experiences which immediately prompt Face/TouchID (less steps / friction).
Is there any way to prevent / suppress that screen? For example, if I update my request to not support security keys, would a user skip the "account / security key" prompt and default to Face/TouchID (assuming there was only one registered account)? Or would iOS still default to this prompt and a user would select his/her account?
Post marked as unsolved
279
Views
I’m trying to implement web credentials sharing on macOS 11.0.
According to documentation:
1) added associated domain file to website and now it’s available at location https://my.website/.well-known/apple-app-site-association (my.website is just and example here)
2) added Associated Domains entitlement to my macOS app with value webcredentials:my.website
Problems: when using SecAddSharedWebCredential func get callback error:
Error Domain=NSOSStatusErrorDomain Code=-4 "SecAddSharedWebCredentialSync not supported on this platform" (kCFMessagePortTransportError / kCSIdentityDeletedErr / unimpErr: / / unimplemented core routine) UserInfo={numberOfErrorsDeep=0, NSDescription=SecAddSharedWebCredentialSync not supported on this platform})
when using SecRequestSharedWebCredential func get console error and callback error (the same for ASAuthorizationController with ASAuthorizationPasswordRequest request)
Authorization failed: Error Domain=AKAuthenticationError Code=-7089
Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1000
What I’m doing wrong?
Post marked as unsolved
205
Views
Currently we have an environment, where we have pre-installed fully trusted certificates which are installed using a profile manager on the device.
We want to use the certificate for authentication. Basically we want to use Azure AD certificate based authentication for our custom ios application which uses the preinstalled certificates.
Currently when we open the webpage url, where we are using CBA in safari, it prompts to select the certificate and after selecting the certificate the user is successfully authenticated.
But if we open the same webpage URL in ios chrome or inside our native application(we are using WKWebView) no prompt dialog appears and we are unable to select the certificate and authenticate the user.
Post marked as unsolved
187
Views
I have an NSSecureTextField field in my MacOS app. I want to disable the password autofill option from coming up (the "Passwords..." button). How can I do this?
Post marked as unsolved
115
Views
My company recently upgraded to Big Sur and XCode 12.3. Whenever we modify an app and try to upload
it to the app store for review we see the attached error. We can successfully log in to the App Store Connect
and see our certs and accounts, so I’m not sure why the error states no account
was found. I've googled for this for over two weeks and have tried: Revoking certs
Clean derived data
Rebooting XCode
I have taken over app
development for the first time, and if anyone out there can help at all with assisting
me with this error, I would appreciate it.
Post marked as unsolved
100
Views
Hello,
I am interested in adding Apple Pay on the Product Detail Page of the e-commerce website I manage.
I am wondering how authentication on my website will work with Apple Pay.
Here is our current process:
User has an account: if user is logged out, in order to access the checkout page, we require user to login
User has no account: if user is logged out and has no account, in order to access the checkout page, we require user to share an email
With ApplePay, how do we manage logged out users?
The flow would be: user is logged out
user is on PDP
user selects a size
we prompt "buy with ApplePay"
user validates ApplePay
we prompt the ApplePay payment sheet with all configurable fields
user finalize the purchase
The problem in this flow: User has an account: In this flow, how do I link this purchase to the existing account in my backend system so that user can see his order history?
User has no account: In this flow, at what point in time does the account gets created in my back-end so that I can create an internal member ID and process the order?
Thanks,
Marguerite
Post marked as unsolved
236
Views
Hi All,
We are loading ASWebAuthenticationSession with a request URL which internally checks for the active session and cookies then returns the AuthCode in the Redirection URI, but sometime this is failing due to the cookie lost in between the requests. We see the cookies are present for first few requests and getting missed in between the request while redirecting to different URLs.
Is anyone faced the similar issue with ASWebAuthenticationSession?
This issue is observed in iOS 13 and above devices only, not in the simulator. Also, we if give 30 secs delay between Login session and AuthCode session it always works.
Post marked as unsolved
78
Views
Hi,
I am stuck on the authentication for my social media App although I followed a YouTube tutorial, from 2017. Build succeeds and it runs but when I enter authentication information it does nothing.
Does anyone know how to resolve this error or what it relates to?
nwprotocolgetquicimageblockinvoke dlopen libquic failed
Thanks
Post marked as unsolved
165
Views
I'm trying to create a Password Manager app for iOS in SwiftUI.
I would like that when users are logging into an account on a browser, it gets suggested to save that password into my app, as well as when they want to access a website of which the password is already stored, it get suggested for an autofill.
Is there a way to implement this into my app?
If not automatically, is there another way to make it? I noticed that other Password Managers available on the AppStore use an extension that you can add to your browser, but I image this would be more complicated.
Thanks to everyone!
Post marked as solved
164
Views
I am currently working on an iOS app that integrates with Shortcuts.
The app itself has authentication built in, and users are required to sign into the app before they can make use of the Actions that our app provides.
During our research to determine best practises using Shortcuts, we discovered that Atlassian's Trello product makes use of an authentication modal accessed via the action. This then loads an OAuth web page that allows users to authenticate with Shortcuts to retrieve data before they've signed into the native app.
My question is: how can we replicate this behaviour? I have scoured Apple Developer forums, StackOverflow and the rest of the web for clues but I'm struggling to find anything.
I have also posted this question to StackOverflow, with a few useful images (I can't seem to embed here): https://stackoverflow.com/questions/65874070/add-authentication-to-custom-intents-in-ios-shortcuts
Post marked as unsolved
79
Views
How to call ASWebAuthenticationSession completionHandler from the method scene(_ scene: UIScene, continue userActivity: NSUserActivity) from the SceneDelegate class?
Post marked as unsolved
97
Views
After getting this error in the console using ASWebAuthenticationSession, I'm curious whether or not http is still a valid scheme in IOS 14:
[AuthenticationSession] ASWebAuthenticationSession support for http scheme is deprecated and will be removed in a future version of iOS. Use https scheme instead. Also, is there a quick workaround to switch http with https?
