📚 Documentation • 🚀 Getting Started • 📃 Support Policy • 💬 Feedback

Migrating from v1? Check the Migration Guide.

• Quickstart - shows how to integrate Auth0.swift into an iOS / macOS app from scratch.
• Sample App - a complete, running iOS / macOS app you can try.
• Examples - explains how to use most features.
• API Documentation - documentation auto-generated from the code comments that explains all the available features.
  • Web Auth
  • Credentials Manager
  • Authentication API Client
  • Management API Client (Users)
• FAQ - answers some common questions about Auth0.swift.
• Auth0 Documentation - explore our docs site and learn more about Auth0.

• iOS 13.0+ / macOS 11.0+ / tvOS 13.0+ / watchOS 7.0+
• Xcode 14.x / 15.x
• Swift 5.7+

Open the following menu item in Xcode:

File > Add Packages...

In the Search or Enter Package URL search box enter this URL:

https://github.com/auth0/Auth0.swift

Then, select the dependency rule and press Add Package.

Add the following line to your Podfile:

pod 'Auth0', '~> 2.6'

Then, run pod install.

Add the following line to your Cartfile:

github "auth0/Auth0.swift" ~> 2.6

Then, run carthage bootstrap --use-xcframeworks.

Head to the Auth0 Dashboard and create a new Native application.

Auth0.swift needs the Client ID and Domain of the Auth0 application to communicate with Auth0. You can find these details in the settings page of your Auth0 application. If you have a custom domain, use your custom domain instead of the value from the settings page.

Create a plist file named Auth0.plist in your app bundle with the following content:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>ClientId</key>
    <string>YOUR_AUTH0_CLIENT_ID</string>
    <key>Domain</key>
    <string>YOUR_AUTH0_DOMAIN</string>
</dict>
</plist>

Auth0
    .webAuth(clientId: "YOUR_AUTH0_CLIENT_ID", domain: "YOUR_AUTH0_DOMAIN")
    // ...

Auth0
    .authentication(clientId: "YOUR_AUTH0_CLIENT_ID", domain: "YOUR_AUTH0_DOMAIN")
    // ...

Auth0
    .users(token: credentials.accessToken, domain: "YOUR_AUTH0_DOMAIN")
    // ...

The callback and logout URLs are the URLs that Auth0 invokes to redirect back to your app. Auth0 invokes the callback URL after authenticating the user, and the logout URL after removing the session cookie.

Since callback and logout URLs can be manipulated, you will need to add your URLs to the Allowed Callback URLs and Allowed Logout URLs fields in the settings page of your Auth0 application. This will enable Auth0 to recognize these URLs as valid. If the callback and logout URLs are not set, users will be unable to log in and out of the app and will get an error.

Go to the settings page of your Auth0 application and add the corresponding URL to Allowed Callback URLs and Allowed Logout URLs, according to the platform of your app. If you have a custom domain, replace YOUR_AUTH0_DOMAIN with your custom domain instead of the value from the settings page.

YOUR_BUNDLE_IDENTIFIER://YOUR_AUTH0_DOMAIN/ios/YOUR_BUNDLE_IDENTIFIER/callback

YOUR_BUNDLE_IDENTIFIER://YOUR_AUTH0_DOMAIN/macos/YOUR_BUNDLE_IDENTIFIER/callback

For example, if your iOS bundle identifier was com.example.MyApp and your Auth0 Domain was example.us.auth0.com, then this value would be:

com.example.MyApp://example.us.auth0.com/ios/com.example.MyApp/callback

Back in Xcode, go to the Info tab of your app target settings. In the URL Types section, click the ＋ button to add a new entry. There, enter auth0 into the Identifier field and $(PRODUCT_BUNDLE_IDENTIFIER) into the URL Schemes field.

This registers your bundle identifier as a custom URL scheme, so the callback and logout URLs can reach your app.

Import the Auth0 module in the file where you want to present the login page.

import Auth0

Then, present the Universal Login page in the action of your Login button.

Auth0
    .webAuth()
    .start { result in
        switch result {
        case .success(let credentials):
            print("Obtained credentials: \(credentials)")
        case .failure(let error):
            print("Failed with: \(error)")
        }
    }

do {
    let credentials = try await Auth0.webAuth().start()
    print("Obtained credentials: \(credentials)")
} catch {
    print("Failed with: \(error)")
}

Auth0
    .webAuth()
    .start()
    .sink(receiveCompletion: { completion in
        if case .failure(let error) = completion {
            print("Failed with: \(error)")
        }
    }, receiveValue: { credentials in
        print("Obtained credentials: \(credentials)")
    })
    .store(in: &cancellables)

Logging the user out involves clearing the Universal Login session cookie and then deleting the user's credentials from your app.

Call the clearSession() method in the action of your Logout button. Once the session cookie has been cleared, delete the user's credentials.

Auth0
    .webAuth()
    .clearSession { result in
        switch result {
        case .success:
            print("Session cookie cleared")
            // Delete credentials
        case .failure(let error):
            print("Failed with: \(error)")
        }
    }

do {
    try await Auth0.webAuth().clearSession()
    print("Session cookie cleared")
    // Delete credentials
} catch {
    print("Failed with: \(error)")
}

Auth0
    .webAuth()
    .clearSession()
    .sink(receiveCompletion: { completion in
        switch completion {
        case .finished:
            print("Session cookie cleared")
            // Delete credentials
        case .failure(let error):
            print("Failed with: \(error)")
        }
    }, receiveValue: {})
    .store(in: &cancellables)

Check the FAQ for more information about the alert box that pops up by default when using Web Auth.

Learn about most features in Examples ↗

• Store credentials - store the user's credentials securely in the Keychain.
• Check for stored credentials - check if the user is already logged in when your app starts up.
• Retrieve stored credentials - fetch the user's credentials from the Keychain, automatically renewing them if they have expired.
• Clear stored credentials - delete the user's credentials to complete the logout process.
• Retrieve user information - fetch the latest user information from the /userinfo endpoint.

This Policy defines the extent of the support for Xcode, Swift, and platform (iOS, macOS, tvOS, and watchOS) versions in Auth0.swift.

The only supported versions of Xcode are those that can be currently used to submit apps to the App Store. Once a Xcode version becomes unsupported, dropping it from Auth0.swift will not be considered a breaking change, and will be done in a minor release.

The minimum supported Swift minor version is the one released with the oldest-supported Xcode version. Once a Swift minor becomes unsupported, dropping it from Auth0.swift will not be considered a breaking change, and will be done in a minor release.

Once a platform version becomes unsupported, dropping it from Auth0.swift will not be considered a breaking change, and will be done in a minor release. For example, iOS 13 will cease to be supported when iOS 17 gets released, and Auth0.swift will be able to drop it in a minor release.

In the case of macOS, the yearly named releases are considered a major platform version for the purposes of this Policy, regardless of the actual version numbers.

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

• Auth0's general contribution guidelines
• Auth0's code of conduct guidelines
• Auth0.swift's contribution guide

To provide feedback or report a bug, please raise an issue on our issue tracker.

Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

Auth0 is an easy-to-implement, adaptable authentication and authorization platform. To learn more check out Why Auth0?

This project is licensed under the MIT license. See the LICENSE file for more info.