A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain
Objective-C Swift Ruby
Clone or download
Latest commit b36bcfa May 1, 2018



CI Status Version License Platform Carthage compatible

A wrapper to make it really easy to deal with iOS Keychain and store your user's credentials securely.

Key Features

  • Simple interface to store user's credentials (e.g. JWT) in the Keychain.
  • Store credentials under an Access Group to enable Keychain Sharing.
  • Support for iOS 8 Access Control for fine grained access control. (Only for iOS 8+)
  • TouchID and Keychain integration with iOS 8 new accessibility field kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly. (Only for iOS 8+)


At least iOS 7, if you want to use kSecAttrAccessControl with the flag useAccessControl you need to have iOS 8+.



SimpleKeychain is available through CocoaPods. To install it, simply add the following line to your Podfile:

pod "SimpleKeychain"

Or you can add A0SimpleKeychain.h and A0SimpleKeychain.m to your project.


In your Cartfile add

github "auth0/SimpleKeychain"

Before Getting Started


Just import in your source file's header:

#import <SimpleKeychain/SimpleKeychain.h>


Import Lock module in your swift file:

import SimpleKeychain


Save a JWT token or password

NSString *jwt = //user's JWT token obtained after login
[[A0SimpleKeychain keychain] setString:jwt forKey:@"auth0-user-jwt"];
let jwt = //user's JWT token obtained after login
A0SimpleKeychain().setString(jwt, forKey:"auth0-user-jwt")

Obtain a JWT token or password

NSString *jwt = [[A0SimpleKeychain keychain] stringForKey:@"auth0-user-jwt"];
let jwt = A0SimpleKeychain().string(forKey: "auth0-user-jwt")

Share JWT Token with other apps using iOS Access Group

NSString *jwt = //user's JWT token obtained after login
A0SimpleKeychain *keychain = [A0SimpleKeychain keychainWithService:@"Auth0" accessGroup:@"ABCDEFGH.com.mydomain.myaccessgroup"];
[keychain setString:jwt forKey:@"auth0-user-jwt"];
let jwt = //user's JWT token obtained after login
let keychain = A0SimpleKeychain(service: "Auth0", accessGroup: "ABCDEFGH.com.mydomain.myaccessgroup")
keychain.setString(jwt, forKey:"auth0-user-jwt")

Store and retrieve JWT token using TouchID and Keychain AcessControl attribute (iOS 8 Only).

Let's save the JWT first:

NSString *jwt = //user's JWT token obtained after login
A0SimpleKeychain *keychain = [A0SimpleKeychain keychain];
keychain.useAccessControl = YES;
keychain.defaultAccessiblity = A0SimpleKeychainItemAccessibleWhenPasscodeSetThisDeviceOnly;
[keychain setString:jwt forKey:@"auth0-user-jwt"];
let jwt = //user's JWT token obtained after login
let keychain = A0SimpleKeychain()
keychain.useAccessControl = true
keychain.defaultAccessiblity = .whenPasscodeSetThisDeviceOnly
keychain.setString(jwt, forKey:"auth0-user-jwt")

If there is an existent value under the key auth0-user-jwt saved with AccessControl and A0SimpleKeychainItemAccessibleWhenPasscodeSetThisDeviceOnly, iOS will prompt the user to enter their passcode or fingerprint before updating the value.

Then let's obtain the value

NSString *message = NSLocalizedString(@"Please enter your passcode/fingerprint to login with awesome App!.", @"Prompt TouchID message");
A0SimpleKeychain *keychain = [A0SimpleKeychain keychain];
NSString *jwt = [keychain stringForKey:@"auth0-user-jwt" promptMessage:message];
let message = NSLocalizedString("Please enter your passcode/fingerprint to login with awesome App!.", comment: "Prompt TouchID message")
let keychain = A0SimpleKeychain()
let jwt = keychain.string(forKey: "auth0-user-jwt", promptMessage:message)

Remove a JWT token or password

[[A0SimpleKeychain keychain] deleteEntryForKey:@"auth0-user-jwt"];
A0SimpleKeychain().deleteEntry(forKey: "auth0-user-jwt")


Just clone the repo, and run pod install from the Example directory and you're ready to contribute!.

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.


SimpleKeychain is available under the MIT license. See the [LICENSE file](LICENSE file) for more info.



What is Auth0?

Auth0 helps you to:

  • Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
  • Add authentication through more traditional username/password databases.
  • Add support for linking different user accounts with the same user.
  • Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
  • Analytics of how, when and where users are logging in.
  • Pull data from other sources and add it to the user profile, through JavaScript rules.

Create a free account in Auth0

  1. Go to Auth0 and click Sign Up.
  2. Use Google, GitHub or Microsoft Account to login.