IOS associated Domain - Store/autofill password

Has anyone been able to get this to work, I added the “Associated Domains” pointed it to my url, “webcredentials:example.com” I have my login form with “username” and “current-password”

I added the “apple-app-site-association” to my “root” as well as the “.well-known”

just no popup to save/store the password
https://developer.apple.com/documentation/security/password_autofill

I am not even seeing anything that xcode is validating the association and if its passed or failed.

I gather you’re talking about a Cordova app. Your server is running on localhost, and that’s what WKWebView is loading, not your .com domain. So this is a way to associate your app with a domain for Apple’s password manager.

I have the same problem, albeit I first noticed it with LastPass. I imagine any password manager would have a hard time with a WKWebView.

Just guessing here, but my thought is that this “Associated Domains” setting (which I can’t find in my Xcode apparently because I need to create a Developer Account first) doesn’t affect what’s inside WKWebView. I’ve found this to be true of other things about WKWebView – like it’s running in its own little sandbox that doesn’t necessarily take on the attributes or entitlements of the parent app.

I’d be interested in a solution to this as well since I’m spoiled by password managers these days and I’d like my app to be compatible with them too.

I wonder if cordova-plugin-app-scope might be a solution?

Update: It works! :tada:

It was easy once I figured out what to do. Three steps:

  1. Register an App Id in my Apple Developer Account and add the “Associated Domains” capability.

  2. Add this to mobile-config.js:

let associatedDomainsConfigFor = (file) => `
  <config-file target="${file}" parent="com.apple.developer.associated-domains">
    <array>
      <string>webcredentials:REPLACE_WITH_YOUR_DOMAIN.com</string>
    </array>
  </config-file>`;

App.appendToConfig(`
<platform name="ios">
  ${associatedDomainsConfigFor("*-Debug.plist")}
  ${associatedDomainsConfigFor("*-Release.plist")}
</platform>
`);
  1. Delete the app from iOS device and reinstall it. (I read this was necessary with associated-domains changes.)

And voila. Doesn’t need any cordova plugins.

1 Like