Step 6. Understand the authentication flow
The SDKs use authentication journeys/trees for user authentication.
Specify which tree or journey the SDK should use in the forgerock_auth_service_name
property in the FRAuthConfig.plist
configuration file.
Although the SDK implements classes for supported callbacks in the FRAuth
module, the module itself cannot render the callback requirements as UI elements. You must implement a UI element for each callback object and you must handle each node object.
For a list of callbacks the SDK implements in the FRAuth
module, see
FRAuth in the API reference.
To begin the authentication flow, use one of the following methods:
Both methods return a node
object if the journey is ongoing.
The node
object includes an array of callbacks that represent the information the server requires to authenticate your users.
Some of these callbacks require you to render a UI element for completion by the user, such as a username or password field.
Obtain the required values and call node.next()
. This causes the SDK to submit the callback objects to the server. It is important to use the correct parameters in the node.next()
call depending on the type of result you expect from the journey:
AccessToken
-
Use this method to step through the journey:
node.next(completion: { (user: AccessToken?, node, error) in self.handleNode(token, node, error) })
Token
-
Use this method to step through the journey:
node.next(completion: { (user: Token?, node, error) in self.handleNode(token, node, error) })
FRUser
-
Use this method to step through the journey:
node.next(completion: { (user: FRUser?, node, error) in self.handleNode(user, node, error) })
Each node within an authentication journey returns one of the following:
-
The next
Node
object in the journey to processThe Node object is a representation of a step in the authentication process, which requires user interaction to provide input into each
Callback
object within theNode
instance.Keep iterating through callbacks and calling
node.next()
until the journey completes. -
The result of the completed journey. Possible results objects are:
Token
-
A session token as a
Token
object. AccessToken
-
An OAuth 2.0 access token, other OAuth 2.0 tokens, or values associated with the access token.
FRUser
-
Abstract layer of the currently authenticated user session.
-
An error
An error occurred during the authentication process.