iOS 15.5 ASWebAuthenticationSession not handling associated domain

We use ASWebAuthenticationSession to authenticate users in our app, and we so far relied on an associated domain (universal link) for the last redirection step (callback), instead of a custom scheme, for security reasons.

It works fine on iOS <= 15.4.1 (current release at time of writing), but we noticed that the associated domain is no longer detected during the callback on iOS 15.5 (beta 4).

As a result, the user ends up on our web app within the ASWebAuthenticationSession view, and the app authentication never finishes.

Is anybody experiencing the same issue?

Thanks.

Post not yet marked as solved Up vote post of PocketCampus.Org Down vote post of PocketCampus.Org
1.3k views
Posted by
PocketCampus.Org
Reply
Add a Comment

Replies

The issue seems to unrelated to iOS 15.5, but due to a recent change in our backend which made us lost our domain registration (the apple-app-site-association verification was failing due to a redirect, which is forbidden). It was just a coincidence that our first device that dropped the association was the one running iOS 15.5.

Posted by
PocketCampus.Org
Up vote reply of PocketCampus.Org Down vote reply of PocketCampus.Org

  • Turns out we still do have a problem with iOS 15.5 (beta 4). We fix the associated domain issue, it works work well from outside and inside the app on iOS 15.4, but on iOS 15.5 it only works from the outside, not within ASWebAuthenticationSession or SFSafariViewController.

    PocketCampus.Org
Add a Comment

iOS 15.5 RC is out, and the problem is still there. This is a big issue for us. Basically, it seems that ASWebAuthenticationSession and SFSafariViewController no longer detect associated domains URLs if those are triggered by a redirection.

Posted by
PocketCampus.Org
Post not yet marked as solved Up vote reply of PocketCampus.Org Down vote reply of PocketCampus.Org
Add a Comment