OAuthError: The client specified not to prompt, but the user is not logged in.

[alhussain-m]

Describe the bug

We are encountering the following error when the app attempts to renew the token in the iOS app:

Error - OAuthError: The client specified not to prompt, but the user is not logged in.

We are using the following plugins in our Ionic Angular app (Angular 17, Ionic 7) for Okta authentication:
This setup works fine on desktop sites and Android apps, where the okta-auth-js plugin automatically handles token renewal. However, on iOS devices, the error persists.

Initially, we had an issue with third-party cookies being blocked, but we resolved it using the custom domain implementation recommended by Okta.

Any advice or solutions would be highly appreciated.

Reproduction Steps?

1. Log in to the app using Okta with the above widget version.
2. Inspect the app in Chrome DevTools "Mobile Mode" (to get the error log).
3. Wait for the access token and the refresh token to expire.
4. At the time of renewal, the error occurs, and the token refresh is unsuccessful on iOS devices.

FYI: We can recreate this issue in the Chrome browser when using Chrome DevTools in "Mobile Mode."

SDK Versions

@okta/okta-signin-widget: 7.16.1
@okta/okta-angular: 6.3.2
@okta/okta-auth-js: 7.5.1

Additional Information?

No response

[jaredperreault-okta]

Are you using refresh tokens (aka providing the offline_access scope?). Token refresh without using refresh tokens depends on a cookie session. It's possible the iOS environment is not persisting cookies and therefore the token refresh fails.