I want to build an app that allows user to login with client certificate stored by MDM. After days of googling, I think it's not possible given the discussions in this thread https://forums.developer.apple.com/thread/52345. However, it looks like I can somehow utilize Safari(system app) to authenticate for me. I've tried MS apps and found this flow seems positive.
Basically, the flow should look like below:
1. User launches my app and start entering the credential. (login page is WKWebView)
2. My app detects that user has certificate installed on the device
3. My app calls [[UIApplication sharedApplication] openURL:[NSURL URLWithString:@"http://url"]]; to launch Safari
4. Safari prompts up a dialog to have user consent the use of certificate
5. Safari closes itself (or redirects to my app. I'm not sure how this part is handled) after authentication.
6. My app needs a way to inject the result from Safari to WKWebView
I can't find any complete tutorial on how this can be accomplished. Also, I found that in the same discussion thread, didReceiveAuthenticationChallenge was mentioned that might have a solution for this, but I tried it and no luck.