Sign in with Apple (SIWA) not redirecting

We are using the Authentication > Social > Apple integration through an Oauth2 library in iOS devices.
All the social providers we’ve tested work fine except Apple sign In (SIWA).
Specifically doesn’t work when using FaceID or TouchID, while if you choose to use another appleid during the process does work fine.

The exact problem is that is not triggering the Universal link redirect_uri that we use, universal link redirection work perfectly fine with other oauth providers.

We also have a client of our platform that uses their own Oauth2 server (a php, Laravel version) instead of Auth0 and it works using TouchID and FaceID and Universal Link does work too.

The Oauth library is using the latest ASWebAuthenticationSession.
The URL that appears at the top of the modal web view (ASWebAuthenticationSession) if copied and pasted in the browser redirects to the app and finalise the oauth2 flow correctly.
So there has to be something that is preventing the universal link to be triggered in the auth0 internal implementation.

Our platform allows to integrate any oauth2 provider, that includes using auth0 or other oauth2 servers.
We have a client that uses an Oauth2 Laravel server where SIWA redirects fine using touchid or appleid, while our users that use Auth0 doesn’t.

We found this issue:

But is supposed to be fixed, and happened only on older iOS versions, so not sure what is happening.

Same configuration works fine in auth0 when using WKWebView or Safari, but not when using ASWebAuthenticationSession or SFSafariViewController (only when using auth0 service, other custom solutions work fine), so maybe is something related to how auth0 handle cookies?

I reduced the problems to a Universal Link issue at the end, SIWA web with TouchID, FaceID seems to work only when the “Sign In with Apple” button is triggered on the modal web not in the app itself.

Probably due to this Universal Links limitation:

Redirections will only open an app from a Universal Link only if the user tapped a URL from the same domain as the redirected URL.

Mistery solved.