A wrapper to make it really easy to deal with iOS Keychain and store your user's credentials securely.
- Simple interface to store user's credentials (e.g. JWT) in the Keychain.
- Store credentials under an Access Group to enable Keychain Sharing.
- TouchID/FaceID integration with a reusable
Table of Contents
- What is Auth0?
- Create a Free Auth0 Account
- Issue Reporting
- iOS 9.0+ / macOS 10.11+ / tvOS 9.0+ / watchOS 2.0+
- Xcode 10.x
- Swift 4.x/5.x
If you are using Cocoapods, add this line to your
For more information on Cocoapods, check their official documentation.
If you are using Carthage, add the following line to your
For more information about Carthage usage, check their official documentation.
SPM (Xcode 11.2+)
If you are using the Swift Package Manager, open the following menu item in Xcode:
File > Swift Packages > Add Package Dependency...
In the Choose Package Repository prompt add this url:
Then, press Next and complete the remaining steps.
For more information on SPM, check its official documentation.
Save a JWT token or password
let jwt = // user's JWT token obtained after login A0SimpleKeychain().setString(jwt, forKey: "auth0-user-jwt")
Obtain a JWT token or password
let jwt = A0SimpleKeychain().string(forKey: "auth0-user-jwt")
Share a JWT Token with other apps using iOS Access Group
let jwt = // user's JWT token obtained after login let keychain = A0SimpleKeychain(service: "Auth0", accessGroup: "ABCDEFGH.com.mydomain.myaccessgroup") keychain.setString(jwt, forKey: "auth0-user-jwt")
Store and retrieve a JWT token using TouchID/FaceID
Let's save the JWT first:
let jwt = // user's JWT token obtained after login let keychain = A0SimpleKeychain() keychain.useAccessControl = true keychain.defaultAccessiblity = .whenPasscodeSetThisDeviceOnly keychain.setTouchIDAuthenticationAllowableReuseDuration(5.0) keychain.setString(jwt, forKey: "auth0-user-jwt")
If there is an existent value under the key
auth0-user-jwtsaved with AccessControl and
A0SimpleKeychainItemAccessibleWhenPasscodeSetThisDeviceOnly, iOS will prompt the user to enter their passcode or fingerprint before updating the value.
Then let's obtain the value:
let message = NSLocalizedString("Please enter your passcode/fingerprint to login with awesome App!.", comment: "Prompt TouchID message") let keychain = A0SimpleKeychain() let jwt = keychain.string(forKey: "auth0-user-jwt", promptMessage: message)
Remove a JWT token or password
Just clone the repo, run
carthage bootstrap and you're ready to contribute!
What is Auth0?
Auth0 helps you to:
- Add authentication with multiple sources, either social identity providers such as Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce (amongst others), or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS, or any SAML Identity Provider.
- Add authentication through more traditional username/password databases.
- Add support for linking different user accounts with the same user.
- Support for generating signed JSON Web Tokens to call your APIs and flow the user identity securely.
- Analytics of how, when, and where users are logging in.
Create a Free Auth0 Account
- Go to Auth0 and click Sign Up.
- Use Google, GitHub, or Microsoft Account to login.
If you have found a bug or to request a feature, please raise an issue. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.