WKWebView requires authentication

I use WKWebView to display a webpage that requires authentication through an authentication provider. This works as expected, but when I close and reopen the app, I have to reauthenticate. However, if I open the same page in Safari, I only have to authenticate once. If I close Safari and reopen it, the page displays without prompting me to authenticate again. I see some cookies stored in httpCookieStore, so I assume that storing cookies works. Does anyone have an idea why authentication is not persistent between app launches? Thanks in advance.

Best regards, Marc

Answered by marc_thielemann in 847962022

It turned out that the website uses Microsoft Enterprise SSO for authentication and my app's bundle identifier must be added to the AppAllowList in our Entra ID configuration. Microsoft describes this in the Enable SSO for specific apps section of their KB article Microsoft Enterprise SSO plug-in for Apple devices. After adding the app to that list, everything worked as expected.

Which kind of authentication is this? There exist different ways to authenticate: the most common ones are web forms (which use cookies to preserve the login state, for example) and HTTP authentication (which would use the URLCredentialStorage to preserve credentials).

Cookies are usually stored automatically by the WKWebView, but depending on the configuration, it might not do this. For example, if the websiteDataStorage property of the WKWebViewConfiguration is configured to use a non-persistent storage, then cookies won't be stored (for example, this is the case when using private tabs in Safari).

Also, since iOS 17 it is possible to create your own WKWebsiteDataStore objects, so you don't need to rely on the "shared" one or the non-persistent one that is provided by iOS. If you create your own, then you need to make sure you use the correct identifiers, because the identifiers define which of the storages is actually used. When using a random identifier (like a UUID), you would create a completely new storage each time.

For HTTP authentication, you usually need to add some code yourself to handle these and make sure that the credentials are stored permanently (see the URLCredentialStorage API).
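An added example, not code from this thread, of the stable-identifier point in the reply above: it reuses one persisted UUID for a custom WKWebsiteDataStore and reports which cookies for a domain would survive a relaunch. It assumes iOS 17 or later; the UserDefaults key and the function names are hypothetical.

```swift
import Foundation
import WebKit

// Hypothetical UserDefaults key; any stable, app-private location works.
private let storeIDKey = "example.webDataStoreID"

/// Returns the same UUID on every launch, creating it once on first use.
func stableStoreIdentifier(defaults: UserDefaults = .standard) -> UUID {
    if let saved = defaults.string(forKey: storeIDKey), let id = UUID(uuidString: saved) {
        return id
    }
    let id = UUID()
    defaults.set(id.uuidString, forKey: storeIDKey)
    return id
}

@available(iOS 17.0, macOS 14.0, *)
@MainActor
func makePersistentWebView() -> WKWebView {
    let config = WKWebViewConfiguration()
    // A fresh UUID() here would select a new, empty store on each launch.
    config.websiteDataStore = WKWebsiteDataStore(forIdentifier: stableStoreIdentifier())
    return WKWebView(frame: .zero, configuration: config)
}

/// Logs whether the store persists and which cookies for `domainSuffix` outlive the session.
/// Only names and lifetimes are printed; cookie values are credentials and stay out of logs.
@MainActor
func auditCookies(in webView: WKWebView, domainSuffix: String) {
    let store = webView.configuration.websiteDataStore
    print("persistent store:", store.isPersistent)
    store.httpCookieStore.getAllCookies { cookies in
        for cookie in cookies where cookie.domain.hasSuffix(domainSuffix) {
            let lifetime = cookie.isSessionOnly
                ? "session-only (dropped when the session ends)"
                : "expires \(cookie.expiresDate?.description ?? "unknown")"
            print("\(cookie.name) [\(cookie.domain)]: \(lifetime)")
        }
    }
}
```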

@elementarteilchen The website is https://login.microsoftonline.com. It's a web form and WKWebView is configured to use persistent storage.
