ForgeRock Developer Experience

Set up social login in iOS apps

This page shows how to use the iOS SDK with authentication journeys that provide social login and registration.

Setup your providers

Configure Facebook

  1. Create a Facebook client for iOS.

    Facebook provides you with the .plist configuration.

  2. Follow the instructions on the page and copy the values in your app’s Info.plist in Xcode.

    The final Info.plist file in your project, containing the Facebook generated Custom URL Scheme, and the LSApplicationQueriesSchemes, should look something like this:

    FB XcodePlist
  3. Include the FRFacebookSignIn module in your project.

    The FRFacebookSignIn is a new module that is distributed separately of FRAuth.

    Assuming you are using CocoaPods, add the following lines in your projects Podfile:

    pod 'FRAuth'
    pod 'FRFacebookSignIn'
    ...
    ... Other Pods
    ...
  4. Run the following command to install pods:

    pod install
    Alternatively, you can add the FRFacebookSignIn module to your project using the Swift Package Manager in Xcode.
  5. Initialize the Facebook sign-in handler in your app’s AppDelegate file:

    1. Locate the following method:

      func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?)
    2. Add a call to the FacebookSignInHandler.application(_:didFinishLaunchingWithOptions:) method, before the return true line:

      FacebookSignInHandler.application(application, didFinishLaunchingWithOptions: launchOptions)

      The result might resemble the following:

      func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
      
          // Enable logs for all levels
          FRLog.setLogLevel([ .all])
      
          // Initialize the Facebook sign-in handler
          FacebookSignInHandler.application(application, didFinishLaunchingWithOptions: launchOptions)
      
          return true
      }

Configure Google

  1. Create a Google client for iOS.

    For details, refer to Create a Google client.

  2. Access the client in the Google Console, and make a note of the generated custom iOS URL scheme:

    Google ClientId
  3. Configure your Xcode project with the Google generated custom iOS URL scheme:

    1. Select your project file, select the app target, and in the Info pane, expand the URL Types option.

    2. Click on the icon to add a new custom URL scheme, and paste the generated URL scheme in the URL Scheme field.

    The configuration should look something like this:

    Google Xcode
  4. Include the FRGoogleSignIn module in your project.

    The FRGoogleSignIn is a new module that is distributed separately of FRAuth.

    Assuming you are using CocoaPods, add the following lines in your projects Podfile:

    pod 'FRAuth'
    pod 'FRGoogleSignIn'
    ...
    ... Other Pods
    ...
  5. Run the following command to install pods:

    pod install
The FRGoogleSignIn module is not available through the Swift Package Manager.

Configure Apple

  1. Create an Apple Client for iOS.

    For details, refer to Create an Apple client.

  2. Configure your Xcode project with the Google generated custom iOS URL scheme.

  3. Select your project file, select the app target and go to the Signing & Capabilities tab in Xcode.

  4. Click the + Capability button, and search for Sign In with Apple.

    After enabling the capability the Xcode page should look something like this.

    Apple Capabilities

Authenticate with ForgeRock

Use the ForgeRock iOS SDK

After configuring social providers in Identity Cloud, and configuring your Xcode project to work with Facebook, Google, and Apple IdPs, you are ready to use the ForgeRock iOS SDK to authenticate.

The first callback your app encounters is the SelectIdPCallback, which lets the user choose their IdP. Use the providers array to display the available providers, and setProvider() method when the user makes a choice:

// Within your login flow
let selectIdPCallback = callback as? SelectIdPCallback
let providersArray = selectIdPCallback.providers

// display providers
// user makes choice

// Sets provider on the callback within `selectIdPCallback`
selectIdPCallback.setProvider(provider: providersArray[self.selectedIndex])
node.next { (user: FRUser?, node, error) in

    // Handle node

}

The next callback returned is the IdPCallback.

The SDK automatically identifies the correct IdP for authentication as long as the IdPClient, derived from the Social Identity Provider Service configuration in AM, contains facebook, google or apple. Detection is case-insensitive.

//  Node is returned with IdPCallback
let idpCallback = node.callbacks.first as! IdPCallback

//  Call the following to perform login
callback.signIn(handler: nil) {
  (token: String?, tokenType: String?, error: Error?) in

  //  Social Login flow is completed
  node.next { (user: FRUser?, node, error) in
    //Handle node
  }
}

To override the automatic provider detection and identify the returned provider manually, check the IdPClient provider value in the returned IdPCallback as shown in the example below:

//  Node is returned with IdPCallback
let idpCallback = node.callbacks.first as! IdPCallback
//  Based on IdPClient in IdPCallback, choose the correct handler
var handler: IdPHandler?
if idpCallback.idpClient.provider == "facebook-ios" {
    handler = FacebookSignInHandler()
}
else if idpCallback.idpClient.provider == "google-ios" {
    handler = GoogleSignInHandler()
}
else if idpCallback.idpClient.provider == "apple-ios" {
    handler = AppleSignInHandler()
}
else {
    throw error
}

//  If the handler has been found and initialized, call the following to perform login
callback.signIn(handler: handler) { (token: String?, tokenType: String?, error: Error?) in

  //  Social Login flow is completed
  node.next { (user: FRUser?, node, error) in
    //Handle node
  }

}