iOS Add to Home Screen session results in Oops!, something went wrong

We have ten apps (all using same auth code) that recently started bouncing to the Oops!, something went wrong page, only on iOS, only when the Web session was started via an Add to Home Screen’ed icon. Nothing has changed in the code for months (which might be part of the problem). However, I know there have been iOS, Auth0, and other on changes since then.

The login attempts do not show up on the Auth0 logs, and I’m not aware of a JavaScript console for Add to Home Screen’ed web pages. And, as any good tool should, I couldn’t get it to actually try logging in when I used a MITM proxy to see if the HTTP(S) traffic contained any clues.

Any thoughts? Anyone else seeing this?

can you explain that? You mean you’re adding the /login page to your home screen?

One thing I’ve encountered today is that an add to homescreen’ed app can’t set cookies, (and neither can the iFrame I tried embedding the login flow in) Auth0 uses cookies to maintain state through its /authenticate, /login /callback screens before it returns you back to your callback/redirect page

I’m no expert at the individual upgrades of iOS but skimming around on https://github.com/firebase/firebase-js-sdk/issues/77#issuecomment-389764404 it’s clear that SSO won’t work in homescreen web apps because the user agent can’t be trusted.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.