Use of HTTP URLs in iOS Since Version 10

rueben.tiow · January 19, 2024, 1:21am

Problem statement

The documentation for the Quickstart for iOS/MacOS apps describes how to setup Allowed Callback URLs in the format of:

YOUR_BUNDLE_IDENTIFIER://{yourDomain}/ios/YOUR_BUNDLE_IDENTIFIER/callback

However this app fails in production with the following error:

Use publicly-accessible Allowed Callback URLs for all Applications

Check the version of iOS that is in use when this error is encountered. This issue is likely to be encountered with iOS 10 and later versions.

It is not possible to use HTTP URLs as OAuth callbacks on iOS since iOS 10. It is necessary to use a custom scheme.

Refer to OAuth 2.0 redirection with Universal Links should NOT require user interaction for details of a workaround that involves setting up an interstitial page with a button to redirect to the app.

Topic		Replies	Views
Unsure what redirect_uri to use with 1.6.0 Help auth0 , webauth , authorize	1	3925	October 8, 2019
Swift tutorial - callback URL mismatch Help	3	3499	July 14, 2020
iOS Objective-C Callback URL for Google Help auth0 , social-connections , google , clients	5	3915	March 2, 2018
Callback URLs for SwiftUI Apps \| Apple Sign-In Help	1	1873	January 5, 2024
Setting Callback URLs for Mobile App Knowledge Articles callback-urls , mobile , native	1	2321	March 1, 2023