We are integrating Keycloak for our organization for some REST services, web and mobile apps (iOS and Android). From the iOS side for the now, we use AppAuth-iOS SDK which effectively allows some users to authenticate themself via a Webview (underlying by using a instance of SFSafariViewController class).
For the account management page, we want to display the account page (/account) via the SFSafariViewController (as preconised from the RFC) but when this page is displayed, the user have to authenticate again because the session cookies was lost in the previous authentication context.
To be note that we cannot get back the generated Keycloak cookies provided from the authentication context. because SFSafariViewController seems not propose this feature.
Have you had any experience or suggestion on both the mobile app and backend side?
Thanks for reading,