Our Ionic 2 mobile app was rejected by apple because of the following reason:

We noticed that the user is taken to Safari to sign in or register for an account, which provides a poor user experience. Please revise your app to enable users to sign in or register for an account in the app.

The Auth0 Lock provides the user with a sign up button that we configured through the signUpLink option of the Lock. This button opens a registration page in the system browser (Safari) outside of the application, which apparently isn't acceptable for Apple.

Before we upgraded to the latest version of Ionic 2 (Ionic 2 beta 11), the lock would open the link in the InAppBrowser, which is acceptable for Apple. Because of the difference in Ionic 2 version, I imagine this could be an Ionic issue.

I made sure I had the Cordova InAppBrowser plugin installed. It's present in my config.xml as <plugin name="cordova-plugin-inappbrowser" spec="~1.6.1" /> and when I open the .xcproject file in XCode, the plugin is present in the Plugins folder. I have also tested using the InAppBrowser manually using open('https://www.google.com/, '_blank'); which opened the InAppBrowser as it should.

Neither the code regarding the Auth0 Lock, nor the URL to the registration page changed.

Auth0 Lock version: 10.6 (have also tried on 10.11, didn't solve the issue)
Ionic version: 2.1.0 OS: iOS

What could've changed since the Ionic 2 beta 11 that would affect opening the link in the InAppBrowser?

I have come up with a dirty temporary workaround by adding an onclick attribute to the button that opens the link in the window.open function:

    this.lock.on('show', () => {
        let parent: Element = undefined;
        let intervalIndex = 0;
        let interval = setInterval(() => {
            parent = document.getElementsByClassName('auth0-lock-tabs')[0];

            if (parent) {
                let item = parent.children.item(1).children.item(0);
                item.setAttribute('onclick', `window.open('${AppSettings.registrationUrl}', '_blank'); return false;`);
                item.removeAttribute('href');

                clearInterval(interval);
            }

            if (intervalIndex == 20)
                clearInterval(interval);

            intervalIndex++;
        }, 500);
    });

With this modification, the sign up link opens in the InAppBrowser and therefore doesn't violate Apple's terms anymore.

Note: this is not a good answer to this problem and is not a guaranteed fix as there is a delay on configuring this onclick attribute on the button.