This is done to ensure that a third party cannot intercept the code used to exchange for an access token, or the access token itself.
On iOS, the end-user's device may fail to store or present a cookie to our identity server. In these cases, end-users are unable to connect their bank account, and may see an error similar to this screenshot:
What can I do to mitigate these errors?
Often, settings on the iOS device itself are preventing cookies from being stored, and causing the error.
You should recommend your end-user check the following settings on their device:
- Check your Safari settings. Go to Settings → Safari and look for "Prevent Cross-Site Tracking" and "Block All Cookies". Disable them and try again.
- Disable any Content Blockers that may be active on your Safari and try again. Go to Settings → Safari → Content Blockers:
- Make sure you're not using incognito/private mode on your browser as this might also affect the process.
What do I do if these steps do not resolve the issue?
TrueLayer are actively working on developing an alternate solution for identity verification that reduces our reliance on cookies. If you are experiencing the issue above, and the steps outlined have not helped, please create a ticket with the TrueLayer Client Care team.