Configuring Advanced Authentication in iOS Apps

To support advanced auth, all iOS apps require some custom configuration.

Advanced auth in iOS uses the latest iOS technology supported by the current Mobile SDK release.

Here’s a partial list of differences between standard and advanced auth on iOS. These differences are specific to My Domain browser-based authentication.

  • Standard auth flow: This flow uses WKWebView. This class offers a superior user experience with access to the iOS view toolbar and other compelling features.
  • Advanced auth flow: Advanced auth uses the latest iOS technology supported by the current Mobile SDK release. It’s the more secure option—it doesn’t allow the app to set cookies or inject content into the view without the customer's consent. In advanced mode, the auth flow doesn’t swizzle.

In iOS apps, the steps are the same for both MDM certificate-based and browser-based approaches. Perform the following steps to guarantee compatibility with all orgs.

  • Add your custom URL schemes for the OAuth redirect URI to your project’s Info.plist file.

    1. In your app’s Info.plist file, create a key named CFBundleURLTypes.

    2. Assign the key an array that contains a dictionary with the following keys:

      CFBundleURLNameStringA unique abstract name of the URL scheme, preferably an identifier in reverse-DNS style. For example: com.acme.myscheme.
      CFBundleURLSchemesArray of stringsURL scheme names, such as http and mailto.

If your OAuth callback URI is com.mydomain.myapp://oauth/success, add the following key to your Info.plist file:

In this example, the URL scheme and URL name are the same, but this matching is not required. You can add as many schemes as your app requires.