Using Auth0 with a SAML2 Web App
Auth0.swift Saving and Renewing Tokens
When an authentication is performed with the offline_access scope included, it will return a Refresh Token that can be used to request a new user token, without asking for credentials again.
Auth0.swift provides a utility class to streamline the process of storing and renewing credentials. You can access the
idToken properties from the Credentials instance. This is the preferred method to manage user credentials.
First, import the
Next, present the Login:
It can be useful to perform a quick sanity check that you have valid credentials stored in the manager. If not, the user can then be directed to authenticate.
Retrieving User Credentials
You can retrieve the user's credentials as follows:
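The Credentials Manager steps above (log in with offline_access, store, sanity check, retrieve) put together as an added example; it is not code from the original page. It assumes the Auth0.swift 1.x API and an Auth0.plist holding the application's ClientId and Domain; the function names `login`, `withCredentials` and `logout` are hypothetical.

```swift
import Auth0

// Assumption: Auth0.swift 1.x, configured through Auth0.plist (ClientId, Domain).
let credentialsManager = CredentialsManager(authentication: Auth0.authentication())

// Present the login with offline_access so a Refresh Token is returned,
// then hand the Credentials to the manager, which keeps them in the iOS Keychain.
func login(completion: @escaping (Bool) -> Void) {
    Auth0
        .webAuth()
        .scope("openid profile offline_access")
        .start { result in
            switch result {
            case .success(let credentials):
                // store(credentials:) returns false if the Keychain write failed.
                completion(credentialsManager.store(credentials: credentials))
            case .failure(let error):
                print("Login failed: \(error)")
                completion(false)
            }
        }
}

// Sanity check first, then retrieve. The manager renews an expired token
// with the stored Refresh Token before calling back.
func withCredentials(onLoginRequired: @escaping () -> Void,
                     use: @escaping (Credentials) -> Void) {
    guard credentialsManager.hasValid() else {
        onLoginRequired()   // nothing usable stored: direct the user to authenticate
        return
    }
    credentialsManager.credentials { error, credentials in
        guard error == nil, let credentials = credentials else {
            // Renewal failed (for example, the Refresh Token was revoked):
            // drop the stale entry and fall back to an interactive login.
            _ = credentialsManager.clear()
            onLoginRequired()
            return
        }
        use(credentials)    // read the token properties from this instance
    }
}

// On logout, remove the stored credentials so the Refresh Token does not linger.
func logout() {
    _ = credentialsManager.clear()
}
```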
Alternative Method - SimpleKeychain
If you are familiar with Lock v1, you may already be using the SimpleKeychain SDK to handle iOS Keychain read/write access. This section is for developers who would prefer to keep using the SimpleKeychain and not upgrade to the preferred Credentials Manager.
The first thing you need to do is store the tokens you need. In this case, you will store the
refresh_token in the Keychain after a successful authentication.
Once you have those stored, you can at any point request a fresh Credentials instance.