Since the default login method doesn’t use ephemeral sessions, we need to keep the default for clearSession for consistency–otherwise if someone logs in via “real” Safari and tries to log out with an ephemeral session, their Safari session will persist.
I chatted with the SDK engineers about brief persistence of ephemeral sessions–they weren’t aware of it happening. I have a test app that performs logins with both, and I’m not able to reproduce any persistence of ephemeral sessions in iOS 14.2. The “real” Safari instance is definitely separate from the ephemeral instance, and if I log in with an ephemeral session and try to do it again within a couple seconds, I am prompted for credentials again. If you can share a video or specific steps and configurations to reproduce, this an interesting issue that I’d like to follow up on.
iOS versions below 13.0 behave differently. Ephemeral sessions aren’t an option there, but if you request an ephemeral session in the SDK, you just get a regular Safari session and still see the “wants to sign in with…” prompt.