• Home
    • Pugpig Bolt
    • Authentication and Subscriptions
    • PKCE

    Using Secure Web Views

    Written by Jon Marks

    Updated at April 4th, 2023

    • Pugpig Bolt
      Bolt apps Content and Workflows Bolt CMS Pugpig Distribution Service URLs, Domains and Linking Bolt Search Authentication and Subscriptions Bolt Analytics Push notifications Bolt Release Notes Debugging Advertising App stores Consent management Bolt third party integrations
    • Pugpig Site
      Site Search URLs, Domains and Linking Content Management System Analytics SEO Advertising Consent Management Platform Site Release Notes Debugging Authentication and Subscriptions
    • Pugpig Archive
    • Working with Pugpig
      Pugpig Support Releasing new versions Pugpig Packs & Agreements Pugpig Policies
    • Pugpig Consulting
    + More

    Table of Contents

    Why use a secure Web View Google Developer Warnings

    Why use a secure Web View

    When using the PKCE flow (or any flow into which the user enters sensitive information), it is important to use the secure web views provided by the operating systems.

    On iOS, in line with Apple's guidance we use their Authentication Services Framework. On Android, we use Custom Tabs where available or fallback to the device's browser. We never use embedded web views for authentication on either platform.

    The Pugpig Apps have been using these sanctioned non-embedded web views for many years.

    Google Developer Warnings

    Some of our clients (in particular those using a PKCE flow including Google Sign In, for example Piano) have been receiving emails like this:

    However, according to Google's announcement, the warnings have been visible since August 2021. Unless you see a warning, you can ignore these emails for your Pugpig apps. Pugpig apps have been using the secure web views sanctioned by the same announcement on both platforms for as long as they have existed, see above.

    However, please get in touch if you ever see a message like this in your app:

     

    web security secure web

    Was this article helpful?

    Yes
    No
    Give feedback about this article

    Related Articles

    • Integrating PKCE authentication & cross entitlement for Piano
    • Web-based authentication integrations in Pugpig apps using PKCE
    pugpig logo white
    Navigation
    • Products
    • Customers
    • News
    • Podcast
    Contact
    • Contact us
    • LinkedIn
    • Twitter
    Technical Support
    • Status Page
    • Documentation
    • Customer Support
    Corporate
    • Company
    • Jobs
    • Privacy Policy

    © Kaldor Ltd. 2022

    Powered by Pugpig


    Knowledge Base Software powered by Helpjuice

    Expand