Passwordless Authentication on iOS with Touch ID (Swift)


Touch ID with Auth0 has been deprecated. This document is offered as reference for older implementations.

For an alternative approach, using the Credentials Manager utility in Auth0.swift, refer to Touch ID Authentication.

A feature specific to iOS is the support for Touch ID, which allows users to authenticate with their fingerprint (biometric authentication).

During sign-up, the library will generate a key pair on the device, create a user in Auth0, and register the public key for the user:

The private key is stored in the keystore of the device. Each time a user initiates authentication with a valid fingerprint, Touch ID retrieves the private key from the keystore, creates a token, signs it with the private key and sends it to Auth0. Auth0 then returns an ID Token, the user profile and, optionally, a Refresh Token.

You can use Touch ID with an iPhone 5s or later, an iPad Air 2, or an iPad mini 3 or later.


Using the Auth0 Lock

Lock is a widget that allows you to easily integrate Auth0's Passwordless Authentication into your iOS applications.

After installing and configuring Lock.iOS-OSX, you will be able to use Lock as follows.

Using your own UI

If you choose to build your own UI, you must install our TouchIDAuth library to handle the features specific to Touch ID.

Begin by signing up a user in a Database Connection:

You can generate a random password to avoid asking the user for one at this time. The user can change it later.

Once the user has signed up, use the idToken to register the public key for the user.

First, you will need a place to store an Auth0 API application with the token until you register the key, and a place to store the TouchID component:

Now implement the following method to perform TouchID authentication:

Then create and store the API application:

Now configure the TouchID Authentication component:

Then, to begin authentication, add this line: