iOS Swift: User Sessions
This tutorial will show you how to handle user sessions and retrieve the user's profile. We recommend you to Log in to follow this quickstart with examples configured for your account.
I want to integrate with my app15 minutes
I want to explore a sample app2 minutes
Get a sample configured with your account settings or check it out on Github.
This guide shows you how to use the credentials manager to store and Refresh Tokens.
Save the User's Credentials When They Log in
When your users log in successfully, save their credentials. You can then log them in automatically when they open your application again.
To get a Refresh Token during authentication, use the
offline_access scope. You can use the Refresh Token to request a new Access Token when the previous one expires.
First, import the
Auth0 module to the file that will present the login page:
Next, present the login page:
Check for Credentials When the User Opens Your Application
When the user opens your application, check for valid credentials. If they exist, you can log the user in automatically and redirect them to the app's main flow without any additional login steps.
First, you check if the credentials manager has valid credentials:
Next, retrieve the credentials:
If the credentials have expired, the credentials manager will automatically renew them for you with the Refresh Token.
Clear the Keychain When the User Logs Out
When you need to log the user out, remove their credentials from the keychain:
Retrieve the User Profile
To get the user's profile, you need a valid Access Token. You can find the token in the
credentials object returned by the credentials manager.
User Profile Information
To show the information contained in the user profile, access its properties, for example:
You can request more information than returned in the basic profile. To do this, you will be accessing the Auth0 Management API.
You will need to update the original login scopes to include
read:current_user to gain access to the full profile data and
update:current_user_metadata to gain access to patch this data.
You will also need to change your audience to the API Audience identifier for the Management API.
The default identifier is
Putting this all together you should have a login that looks like:
Patch User Metadata
You can add custom user information in the user metadata section by performing a
Retrieve User Metadata
user_metadata dictionary contains fields related to the user profile.
You can specify the fields you want to retrieve, or use an empty array
 to pull back the full user profile.
Accessing the user's metadata. You can choose the key names and set the appropriate type for the
user_metadata dictionary data.