Support Android Auth Tab (AuthTabIntent) for Web Authentication #372
Description
Describe the feature request?
I am requesting support for the new Android Auth Tab (AuthTabIntent) as an option for the WebAuthenticationClient.
Currently, the SDK relies on standard Custom Tabs. While reliable, the new Auth Tab (introduced in Chrome 132 / androidx.browser:browser:1.9.0) is purpose-built for authentication flows. It offers:
A "Clean" Auth UI: Removes the "Share" button, "Open in Chrome," and other distractions that can lead users away from the login flow.
Better Callback Reliability: Uses a dedicated callback mechanism instead of traditional Intent interception, making it more robust against process death.
Security: Provides a more sandboxed experience specifically designed for passing credentials via redirects.
New or Affected Resource(s)
WebAuthenticationProvider: We would likely need a new or extended provider to support the additional parameters and builder patterns required for launching via AuthTabIntent.
Provide a documentation link
Okta Android SDK - Web-based authentication
Android Developer: Simplify authentication using Auth Tab
Additional Information?
The implementation would require updating the androidx.browser dependency to 1.9.0 or later.
By introducing a specialized WebAuthenticationProvider for Auth Tab, the SDK can leverage AuthTabIntent.Builder to handle the redirect host more securely while maintaining a seamless fallback to standard Custom Tabs (via AuthTabIntent.isSupported(context)) for users on older browser versions. This keeps the Okta Kotlin SDK aligned with Google’s latest security and UX recommendations for Android.