Lock v11 for Web



Auth0.swift is a client-side library for Auth0.

Check out the Auth0.swift repository on GitHub.

Lock Installation


  • iOS 9 or later
  • Xcode 8
  • Swift 3.0

Installation Sources




If you are using Carthage, add the following lines to your Cartfile:

Then run carthage bootstrap.

For more information about Carthage usage, check the official documentation.

Bundling Dependencies


If you are using Cocoapods, add these lines to your Podfile:

Then, run pod install.

For further reference on Cocoapods, check the official documentation.

Cross-Origin Authentication

Adding Auth0 Credentials

You will need to add an Auth0.plist file, containing your Auth0 client id and domain, to your main bundle. Here is an example of the file contents:


Web-based Auth (iOS Only)

First go to Auth0 Dashboard and go to application's settings. Make sure you have in Allowed PasswordlessCallback URLs a URL with the following format:

In your application's Info.plist file register your iOS Bundle Identifier as a custom scheme like this:

If your Info.plist is not shown in this format, you can Right Click on Info.plist in Xcode and then select Open As / Source Code.

Auth0.swift will only handle URLs with your Auth0 domain as host, for example com.auth0.MyApp://

Allow Auth0 to handle authentication callbacks. In your AppDelegate.swift add the following:

1. Initializing Lock

Authenticate with Universal Login

The first step in adding authentication to your iOS application is to provide a way for your users to log in. The fastest, most secure, and most feature-rich way to do this with Auth0 is to use Single Sign-on (SSO)Universal Login.

To ensure a response that complies with Universal LoginOpenID Connect (OIDC), you must either request an audience or enable the OIDC Conformant switch in your Auth0 dashboard, under Application > Settings > Show Advanced Settings > OAuth. For more information, refer to How to use the new flows.

If you need help between the two types of login flows, refer to Browser-Based vs. Native Login Flows on Mobile Devices

2. Authenticating and Getting User Info

Authenticate with a specific Auth0 connection

The connection option allows you to specify a connection that you wish to authenticate with. If no connection is specified here, the browser will show the login page, with all of the connections which are enabled for this application.

3. Showing Lock

Authenticate using a specific scope

Using scopes can allow you to return specific claims for specific fields in your request. Adding parameters to scope will allow you to add more scopes. The default scope is openid, and you should read our documentation on scopes for further details about them.


Getting user information

In order to retrieve a user's profile, you call the userInfo method and pass it the user's accessToken. Although the call returns a UserInfo instance, this is a basic OIDC conformant profile and the only guaranteed claim is the sub which contains the user's id, but depending on the requested scope the claims returned may vary. You can also use the sub value to call the Management API and return a full user profile.

Passwordless options

Next Steps

Take a look at the following resources to see how the Auth0.Swift SDK can be customized for your needs: