Docs

iOS Swift: Login

View on Github

iOS Swift: Login

Gravatar for martin.walsh@auth0.com
By Martin Walsh

This tutorial demonstrates how to add user login to a Swift application using Auth0. We recommend that you log in to follow this quickstart with examples configured for your account.

Or

I want to explore a sample app

2 minutes

Get a sample configured with your account settings or check it out on Github.

View on Github
System requirements: Cocoapods 1.9 | iOS 9+ | Xcode 12.x / 13.x

Before You Start

This tutorial demonstrates how to add user login to a Swift application using Web Authentication with Auth0. Alternatively, check out the iOS Swift - Sign In With Apple tutorial.

New to Auth? Learn How Auth0 works, how it integrates with Native Applications and which protocol it uses.

Configure Auth0

Get Your Application Keys

When you signed up for Auth0, a new application was created for you, or you could have created a new one. You will need some details about that application to communicate with Auth0. You can get these details from the Application Settings section in the Auth0 dashboard.

App Dashboard

When using the Default App with a Native or Single Page Application, ensure to update the Token Endpoint Authentication Method to None and set the Application Type to either SPA or Native.

You need the following information:

  • Domain
  • Client ID

If you download the sample from the top of this page, these details are filled out for you.

Add your credentials in Auth0.plist. If the file does not exist in your project yet, create one with the information below (Apple documentation on Property List Files):

<!-- Auth0.plist -->

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>ClientId</key>
  <string>YOUR_CLIENT_ID</string>
  <key>Domain</key>
  <string>YOUR_DOMAIN</string>
</dict>
</plist>

Configure Callback URLs

A callback URL is a URL in your application where Auth0 redirects the user after they have authenticated. The callback URL for your app must be added to the Allowed Callback URLs field in your Application Settings. If this field is not set, users will be unable to log in to the application and will get an error.

In your application's Info.plist file, register your iOS Bundle identifier as a custom scheme:

<!-- Info.plist -->

<key>CFBundleURLTypes</key>
<array>
    <dict>
        <key>CFBundleTypeRole</key>
        <string>None</string>
        <key>CFBundleURLName</key>
        <string>auth0</string>
        <key>CFBundleURLSchemes</key>
        <array>
            <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
        </array>
    </dict>
</array>

If your Info.plist file is not in the format shown above, you can right-click Info.plist in Xcode and select Open As > Source Code.

Go to your Dashboard Settings and make sure that the Allowed Callback URLs field contains the following callback URL:

{PRODUCT_BUNDLE_IDENTIFIER}://YOUR_DOMAIN/ios/{PRODUCT_BUNDLE_IDENTIFIER}/callback

e.g. If your bundle identifier was com.company.myapp and your domain was company.auth0.com then this value would be

com.company.myapp://company.auth0.com/ios/com.company.myapp/callback

Start the Authentication

Universal Login is the easiest way to set up authentication in your application. We recommend using it for the best experience, best security and the fullest array of features.

You can also embed the login dialog directly in your application using the Lock widget. If you use this method, some features, such as single sign-on, will not be accessible. To learn how to embed the Lock widget in your application, follow the Embedded Login sample. Make sure you read the Browser-Based vs. Native Login Flows on Mobile Devices article to learn how to choose between the two types of login flows.

Universal Login

Install Dependencies

Cocoapods

If you are using Cocoapods, add this line to your Podfile:

pod 'Auth0', '~> 1.0'

Then run pod install.

For more information on Cocoapods, check their official documentation.

Carthage

If you are using Carthage, add the following line to your Cartfile:

github "auth0/Auth0.swift" ~> 1.0

Then run carthage bootstrap.

For more information about Carthage usage, check their official documentation.

SPM

If you are using the Swift Package Manager, open the following menu item in Xcode:

File > Add Packages...

In the Search or Enter Package URL search box enter this url:

https://github.com/auth0/Auth0.swift.git

Then select the dependency rule and press Add Package.

For further reference on SPM, check its official documentation.

Add the Callback (iOS < 11 only)

Skip this step if your app targets iOS 11+ (e.g. if it uses the SwiftUI app lifecycle).

For Auth0 to handle the authentication callback, update your AppDelegate file.

First, import the Auth0 module:

import Auth0

Then, add the following UIApplicationDelegate method:

// AppDelegate.swift

func application(_ app: UIApplication, open url: URL, options: [UIApplication.OpenURLOptionsKey : Any]) -> Bool {
    return Auth0.resumeAuth(url, options: options)
}

Implement Login

First, import the Auth0 module in the file where you want to present the login page:

import Auth0

Then, in the action of your Login button, add the following snippet to present the login screen:

// HomeViewController.swift

Auth0
    .webAuth()
    .scope("openid profile")
    .audience("https://YOUR_DOMAIN/userinfo")
    .start { result in
        switch result {
        case .failure(let error):
            // Handle the error
            print("Error: \(error)")
        case .success(let credentials):
            // Do something with credentials e.g.: save them.
            // Auth0 will automatically dismiss the login page
            print("Credentials: \(credentials)")
        }
}

This adds the profile scope to enable retrieving the User Profile.

After the user authenticates, their information is returned in a Credentials object.

To learn more about the Credentials object, read the Credentials article.

Configure Logout URLs

A logout URL is a URL in your application that Auth0 can return to after the user has been logged out of the authorization server. This is specified in the returnTo query parameter. The logout URL for your app must be added to the Allowed Logout URLs field in your Application Settings. If this field is not set, users will be unable to log out from the application and will get an error.

Implement Logout

To clear the Universal Login session you need to invoke the clearSession method. Add the following snippet in the action of your Logout button:

// HomeViewController.swift

Auth0
    .webAuth()
    .clearSession(federated: false) { result in
        if result {
            // Session cleared
        }
    }

Go to your Dashboard Settings and make sure that the Allowed Logout URL field contains the following logout callback URL:

{PRODUCT_BUNDLE_IDENTIFIER}://YOUR_DOMAIN/ios/{PRODUCT_BUNDLE_IDENTIFIER}/callback

After the call, the callback will receive a BOOL with the logout status.

Replace {PRODUCT_BUNDLE_IDENTIFIER} with your application's Bundle Identifier, available as the Bundle Identifier attribute inside the Identity section, on your app project properties.

Did it work?
Any suggestion or typo? Edit on GitHub
Use Auth0 for FREE