How to manage deeplink fallback?


When going through the login flow my user can ask for a new password if they forgot their own. I thought about passing the login challenge code by email so that when they define their new password, they can immediately login and be redirected into the original client application.

My issue is that, if as redirect URI I use a deeplink “myapp://…”, and the user opens the link onto its desktop (a different device), the deeplink won’t work.

I thought about multiple solutions:

  1. Instead of using a deeplink use a Universal Link… but sometimes the phone needs to be restart so the Universal Link is taken in account, and worst… if I’m doing the in-app browser login, the Universal Link doesn’t work at all -> I tried to watch URL change for this in-app browser to handle right callback URLs but it seems that’s not allowed on Android/iPhone (for privacy I guess?).

  2. When logging successfully I get “redirectTo” link from Hydra that targets Hydra for redirection. So I redirect to it and thanks to a setTimeout (that checks if the user has not been redirected because the deeplink is not working due to none native application), I just show an error message to the user “Hey, you started the flow from your native application, either log in a new time from there, or start using our webapp (website) at https://…”

The (2) makes the flow broken but at least it targets a few users I think (not everyone will change channel probably).

The (1) just ends up in the webapp (not the native), so I could show an error message the user needs to log in a new time (since that’s not the same “application” in all cases the login flow could not be fully finished 'cause of missing local codes…).

Any thoughts about a another approach to make the user experience “smooth” when the end-user opens email link from another device with no native application installed?

I hope I didn’t misunderstand some concepts… if so, tell me :slight_smile:

Thank you,