- Newest
- Most votes
- Most comments
Answering my own question:
- Apple displays the message with a domain extracted from the URL used to reach Cognito. There's no way to interfere with the process.
- However, we can add a custom domain to the Cognito user pool so the URL exposes our own domain. With that update, I can have a message like:
"Mogaland" Wants to Use "mogaland.io" to Sign In. This allows the app aand website to share information about you. Cancel / Continue.
- As Apple cuts the URLs to expose a limited part of it, having different domains like
auth.cert.mogaland.io
andauth.prod.mogaland.io
has no impact on the final user experience.
For CDK users, it's just a matter of calling addDomain()
:
// Create user pool const userPool = new UserPool(this, ..., ...); // Set a custom domain for the authorization path const certificate = Certificate.fromCertificateArn(this, 'domainCert', props.acmCertificateARN); const domainName = `auth.${props.stageName}.mogaland.io`; userPool.addDomain('Custom Domain', { customDomain: { domainName, certificate, } });
This consent message is created by iOS, therefore you might get better support in an iOS developer forum. Nevertheless, some hints which might help you resolving the issue. The message is potentially created by SFAuthenticationSession, which requests consent by design ("If an application uses SFAuthenticationSession, users are prompted by a dialog to give explicit consent, allowing the application to access the website’s data in Safari."). You might be able to remove the message by switching to ASWebAuthenticationSession instead. This one is the successor of SFAuthenticationSession, which is now deprecated.
Relevant content
- asked 4 months ago
- asked 8 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
Thanks Michael.
I already use ASWebAuthenticationSession to trigger the request to AWS Cognito that will redirect users to the Google sign-in page. The message in popup is based on the URL passed to ASWebAuthenticationSession.
I'm going to look at setting a custom domain, so people will see
mogaland.io
in place ofamazoncongito.com
just before ending up on the Google Sign-In page,