Docs

iOS Swift: Login

View on Github

iOS Swift: Login

Gravatar for martin.walsh@auth0.com
By Martin Walsh

This tutorial demonstrates how to add user login to a Swift application using Auth0. We recommend you to Log in to follow this quickstart with examples configured for your account.

Or

I want to explore a sample app

2 minutes

Get a sample configured with your account settings or check it out on Github.

View on Github
System requirements: CocoaPods 1.6 (Beta) | Xcode 10.1 | iOS 9+

Before you Start

This tutorial demonstrates how to add user login to a Swift application using Web Authentication with Auth0. Alternatively, check out the iOS Swift - Sign In With Apple tutorial.

New to Auth? Learn How Auth0 works, how it integrates with Native Applications and which protocol it uses.

Configure Auth0

Get Your Application Keys

When you signed up for Auth0, a new application was created for you, or you could have created a new one.

You will need some details about that application to communicate with Auth0. You can get these details from the Application Settings section in the Auth0 dashboard.

You need the following information:

  • Domain
  • Client ID

If you download the sample from the top of this page these details are filled out for you.

If you have more than one application in your account, the sample comes with the values for your Default App.

App Dashboard

Add your credentials in Auth0.plist. If the file does not exist in your project yet, create one with the information below (Apple documentation on Property List Files):

<!-- Auth0.plist -->

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>ClientId</key>
  <string>YOUR_CLIENT_ID</string>
  <key>Domain</key>
  <string>YOUR_DOMAIN</string>
</dict>
</plist>

Configure Callback URLs

A callback URL is a URL in your application where Auth0 redirects the user after they have authenticated.

The callback URL for your app must be whitelisted in the Allowed Callback URLs field in your Application Settings. If this field is not set, users will be unable to log in to the application and will get an error.

In your application's Info.plist file, register your iOS Bundle identifier as a custom scheme:

<!-- Info.plist -->

<key>CFBundleURLTypes</key>
<array>
    <dict>
        <key>CFBundleTypeRole</key>
        <string>None</string>
        <key>CFBundleURLName</key>
        <string>auth0</string>
        <key>CFBundleURLSchemes</key>
        <array>
            <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
        </array>
    </dict>
</array>

If your Info.plist file is not in the format shown above, you can right-click Info.plist in Xcode and select Open As > Source Code.

Go to your Dashboard Settings and make sure that the Allowed Callback URLs field contains the following callback URL:

{PRODUCT_BUNDLE_IDENTIFIER}://YOUR_DOMAIN/ios/{PRODUCT_BUNDLE_IDENTIFIER}/callback

e.g. If your bundle identifier was com.company.myapp and your domain was company.auth0.com then this value would be

com.company.myapp://company.auth0.com/ios/com.company.myapp/callback

Start the Authentication

Universal Login is the easiest way to set up authentication in your application. We recommend using it for the best experience, best security and the fullest array of features.

You can also embed the login dialog directly in your application using the Lock widget. If you use this method, some features, such as single sign-on, will not be accessible. To learn how to embed the Lock widget in your application, follow the Embedded Login sample. Make sure you read the Browser-Based vs. Native Login Flows on Mobile Devices article to learn how to choose between the two types of login flows.

login page

Install Dependencies

Carthage

If you are using Carthage, add the following to your Cartfile:

github "auth0/Auth0.swift" ~> 1.19

Then, run carthage bootstrap.

For more information on how to use Carthage, read their official documentation.

Cocoapods

If you are using Cocoapods, add the following to your Podfile:

use_frameworks!
pod 'Auth0', '~> 1.19'

Then, run pod install.

For more information on how to use Cocoapods, read the Cocoapods documentation.

Add the Callback

For Auth0 to handle the authentication callback, update your AppDelegate file.

First, import the Auth0 module:

import Auth0

Then, add the following UIApplicationDelegate method:

// AppDelegate.swift

func application(_ app: UIApplication, open url: URL, options: [UIApplication.OpenURLOptionsKey : Any]) -> Bool {
    return Auth0.resumeAuth(url, options: options)
}

Implement Login

First, import the Auth0 module in the file where you want to present the login page:

import Auth0

Then, present the login screen:

// HomeViewController.swift

Auth0
    .webAuth()
    .scope("openid profile")
    .audience("https://YOUR_DOMAIN/userinfo")
    .start {
        switch $0 {
        case .failure(let error):
            // Handle the error
            print("Error: \(error)")
        case .success(let credentials):
            // Do something with credentials e.g.: save them.
            // Auth0 will automatically dismiss the login page
            print("Credentials: \(credentials)")
        }
}

This adds the profile scope to enable retrieving the User Profile.

After the user authenticates, their information is returned in a Credentials object.

To learn more about the Credentials object, read the Credentials article.

Configure Logout URLs

A logout URL is a URL in your application that Auth0 can return to after the user has been logged out of the authorization server. This is specified in the returnTo query parameter.

The logout URL for your app must be whitelisted in the Allowed Logout URLs field in your Application Settings. If this field is not set, users will be unable to log out from the application and will get an error.

Implement Logout

To clear the session on the server side you need to invoke the clearSession method. Add the following snippet:

// HomeViewController.swift

Auth0
    .webAuth()
    .clearSession(federated:false) {
        switch $0 {
            case true:
                ...
            case false:
                ...
        }
    }

Go to your Dashboard Settings and make sure that the Allowed Logout URL field contains the following logout callback URL:

{PRODUCT_BUNDLE_IDENTIFIER}://YOUR_DOMAIN/ios/{PRODUCT_BUNDLE_IDENTIFIER}/callback

After the call, the callback will receive a BOOL with the logout status.

Replace {PRODUCT_BUNDLE_IDENTIFIER} with your application's Bundle Identifier, available as the Bundle Identifier attribute inside the Identity section, on your app project properties.

Did it work?
Any suggestion or typo? Edit on GitHub
Use Auth0 for FREE