we’re currently running into an issue with the authentication flow in case a user already has a valid Auth0 session inside a Chrome / Chrome Custom Tab. We’re trying to use Android App Links, I’ve successfully configured the signing certificate and app package name inside the Auth0 dashboard. This seems to be related to this issue, unfortunately it was never properly solved. I don’t really like the approach presented over there as it seems to be more of a dirty workaround rather than a proper solution. The Android Logcat already confirmed that the domain verification worked, namely:
IntentFilterIntentOp: Verifying IntentFilter. verificationId:12 scheme:"https" hosts:"mytenant.eu.auth0.com" package:"com.mypackage". IntentFilterIntentOp: Verification 12 complete. Success:true. Failed hosts:.
Unfortunately, as soon as a user is already authenticated and one starts the authentication flow, the Chrome Custom Tab presents
Cannot GET /android/com.mypackage/callback as output.
A workaround is to logout on a website that uses the same Auth0 tenant and use the login page inside the app when re-starting the flow inside the native Android client.
We’re using the
Auth0.Android SDK in version
1.20.1. I was able to reproduce the issue on both a Google Pixel 3 running Android 10 and a Samsung Galaxy S8+ running Android 9.
Are you aware of any issues regarding this component?