iOS Objective-C: Calling APIs
This tutorial will show you how to use Access Tokens to make authenticated API calls, using NSURLSession. We recommend you to Log in to follow this quickstart with examples configured for your account.
I want to integrate with my app15 minutes
I want to explore a sample app2 minutes
Get a sample configured with your account settings or check it out on Github.
Auth0 provides a set of tools for protecting your resources with end-to-end authentication in your application.
This tutorial shows you how to get an Access Token, attach it to a request with an authorization header and call an API. We recommend you use this method for the best security and compliance with RFC standards.
Before you continue with this tutorial, make sure that you have completed the previous tutorials. This tutorial assumes that:
- You have completed the Session Handling tutorial and you know how to handle the
- You have set up a backend application as API. To learn how to do it, follow one of the backend tutorials.
Create an Auth0 API
In the APIs section of the Auth0 dashboard, click Create API. Provide a name and an identifier for your API. You will use the identifier later when you're preparing the Web Authentication. For Signing Algorithm, select RS256.
Add a Scope
By default, the Access Token does not contain any authorization information. To limit access to your resources based on authorization, you must use scopes. Read more about scopes in the scopes documentation.
In the Auth0 dashboard, in the APIs section, click Scopes. Add any scopes you need to limit access to your API resources.
Get the User's Access Token
To retrieve an Access Token that is authorized to access your API, you need to specify the API Identifier value you created in the Auth0 APIs Dashboard.
Present the Hosted Login Page:
Attach the Access Token
To give the authenticated user access to secured resources in your API, include the user's Access Token in the requests you send to the API.
To attach an Access Token to a request:
Sample project configuration
When you are testing the sample project, configure your URL request in the
After you send a request and receive a response from your API, you can check the request status code in an alert view.