Auth0 APIs

Saving and Refreshing JWT Tokens


This document covers an outdated version of OpenID ConnectLock for iOS. We recommend you to upgrade to v2

This feature uses delegation. By default, delegation is disabled for tenants without an add-on in use as of 8 June 2017. Legacy tenants who currently use an add-on that requires delegation may continue to use this feature. If delegation functionality is changed or removed from service at some point, customers who currently use it will be notified beforehand and given ample time to migrate.

When an authentication is performed with the offline_access SAMLscope included, it will return a Refresh Token that can be used to request a new JWT token and avoid asking the user his/her credentials again.

We are using SimpleKeychain to handle iOS Keychain access.

First thing we need to do is store the ID Token and Refresh Token in the iOS Keychain after a successful authentication.

Once you have those stored, you can at any point request a new ID Token using either of by calling to Auth0`s delegation endpoint.

Authentication API

Using a non-expired ID Token

Management API v2

Using Refresh Token

Management API v1 - DEPRECATED

Retrieving the user profile from Keychain

If you need to show profile information in your application, just retrieve the saved profile and pick what you need. For example: