Hello,
I’m encountering an issue with the authentication flow that only occurs on iPhone devices.
The flow is as follows: a WhatsApp bot sends a link to Keycloak login, and after successful login, it redirects to a proxy server where the code is exchanged for a token at the token endpoint. This works perfectly in desktop browsers (Chrome, Edge, Brave, etc.), but fails on iPhone (tested on Safari and Chrome).
Keycloak logs show the following error during the iPhone login attempt:
type="RESTART_AUTHENTICATION_ERROR", error="already_logged_in"
The redirect URI to the proxy also includes these parameters:
error=temporarily_unavailable&error_description=authentication_expired
I’m using TestingBot to emulate the flow on an iPhone and compare it with the same flow in a PC browser. I’ve noticed a few differences in the first request when the login page is loaded.
I haven’t found any specific solution for this issue.
But I have investigated if it's an error of how iPhone handles cookies, CORS, but I don't have a clue yet.
Any help would be appreciated.