Skip to content

iOSAuthSession

Static API optimized for authentication flows.

Kodster.InAppWebBrowser.iOS.iOSAuthSession

Overview

iOSAuthSession wraps Apple's ASWebAuthenticationSession for OAuth and authentication workflows.

  • On non-iOS platforms (including the Unity Editor), the session is unavailable. Callbacks receive an Error result with an explanatory message.

Compared to general-purpose iOSBrowser, iOSAuthSession:

  • Strips unnecessary features: Removes UI elements and features not needed for authentication.
  • Enhances security: Returns the redirect URL via a direct callback instead of routing through the app's URL handler.

Perfect for:

  • OAuth 2.0 flows (Google, GitHub, Facebook, etc.)
  • Account linking
  • Any authorization flow with a redirect URI scheme or HTTPS universal link

Properties

IsHttpsCallbackSupported

public static bool IsHttpsCallbackSupported { get; }

Whether the current device supports HTTPS-based callback URLs (universal links) for the authentication flow.

Returns

  • true if supported; otherwise false.

Remarks

  • Requires iOS 17.4 or later.
  • On non-iOS platforms (including the Unity Editor), this always returns false.
  • Check this before calling the HTTPS-callback overloads of Start / StartAsync. Fall back to a custom URL scheme overload when unsupported.

Methods

Start (custom scheme)

public static void Start(
    string url,
    string redirectScheme,
    Action<iOSAuthResult> onComplete,
    bool ephemeralBrowsingEnabled = false
)

Starts an authentication session with a custom URL scheme callback and invokes onComplete when it finishes.

Parameters

  • url (string): The authentication URL to open.
  • redirectScheme (string): The custom URL scheme the auth provider redirects to.
  • onComplete (Action<iOSAuthResult>): Callback invoked with the session result.
  • ephemeralBrowsingEnabled (bool, optional): When true, the session does not share cookies or browsing data with the system browser.

Throws

  • ArgumentException: Thrown when url is null, empty, whitespace, or not a valid absolute http/https URL.

Remarks

  • Starting a new session while a previous one is still pending logs a warning; the previous callback will not be invoked.

Start (HTTPS callback)

public static void Start(
    string url,
    string redirectHost,
    string redirectPath,
    Action<iOSAuthResult> onComplete,
    bool ephemeralBrowsingEnabled = false
)

Starts an authentication session with an HTTPS universal link callback and invokes onComplete when it finishes.

Parameters

  • url (string): The authentication URL to open.
  • redirectHost (string): The host portion of the HTTPS callback URL.
  • redirectPath (string): The path portion of the HTTPS callback URL.
  • onComplete (Action<iOSAuthResult>): Callback invoked with the session result.
  • ephemeralBrowsingEnabled (bool, optional): When true, the session does not share cookies or browsing data with the system browser.

Throws

  • ArgumentException: Thrown when url is null, empty, whitespace, or not a valid absolute http/https URL.

Remarks

  • Requires iOS 17.4 or later — check IsHttpsCallbackSupported before calling.

StartAsync (custom scheme)

public static Task<iOSAuthResult> StartAsync(
    string url,
    string redirectScheme,
    bool ephemeralBrowsingEnabled = false,
    CancellationToken cancellationToken = default
)

Starts an authentication session with a custom URL scheme callback and returns a task that completes with the session result.

Parameters

  • url (string): The authentication URL to open.
  • redirectScheme (string): The custom URL scheme the auth provider redirects to.
  • ephemeralBrowsingEnabled (bool, optional): When true, the session does not share cookies or browsing data with the system browser.
  • cancellationToken (CancellationToken, optional): Cancels the session when triggered.

Returns

  • A task that resolves to the session result.

Throws

  • ArgumentException: Thrown when url is null, empty, whitespace, or not a valid absolute http/https URL.

StartAsync (HTTPS callback)

public static Task<iOSAuthResult> StartAsync(
    string url,
    string redirectHost,
    string redirectPath,
    bool ephemeralBrowsingEnabled = false,
    CancellationToken cancellationToken = default
)

Starts an authentication session and returns a task that completes with the session result. Check IsHttpsCallbackSupported before calling.

Parameters

  • url (string): The authentication URL to open.
  • redirectHost (string): The host portion of the HTTPS callback URL.
  • redirectPath (string): The path portion of the HTTPS callback URL.
  • ephemeralBrowsingEnabled (bool, optional): When true, the session does not share cookies or browsing data with the system browser.
  • cancellationToken (CancellationToken, optional): Cancels the session when triggered.

Returns

  • A task that resolves to the session result.

Throws

  • ArgumentException: Thrown when url is null, empty, whitespace, or not a valid absolute http/https URL.

Cancel

public static void Cancel()

Cancels the currently active authentication session.

Example

#if UNITY_IOS
using Kodster.InAppWebBrowser.iOS;
using UnityEngine;
using System.Threading.Tasks;

public sealed class LoginManager : MonoBehaviour
{
    public async Task LoginWithGoogle()
    {
        var result = await iOSAuthSession.StartAsync(
            "https://accounts.google.com/o/oauth2/v2/auth?...",
            "com.example.game",
            ephemeralBrowsingEnabled: true
        );

        if (result.Code == iOSAuthResultCode.Success)
        {
            Debug.Log($"Auth callback URL: {result.Message}");
        }
        else
        {
            Debug.Log($"Authentication failed: {result.Message}");
        }
    }
}
#endif