ios amazon-web-services oauth single-sign-on amazon-cognito

SSO not working in iOS when using AWS Cognito and Azure AD


We are using Azure AD as an OIDC identity provider in AWS Cognito. On the iOS side, we use ASWebAuthenticationSession to show a web view and let the user log in. The user can log in successfully, but the issue is that when opening the Safari browser on the iPhone and going to the user's Microsoft account, the user needs to input his/her credentials.

Notes:

Is there anything we're missing for SSO to work between our app and the Safari app?


Solution

  • It seems SSO depends on a couple of things

    Found this very useful blog from Okta that summarizes cookie sharing between the Safari app, SFSafariViewController, SFAuthenticationSession, and ASWebAuthenticationSession.