ForgeRock Developer Experience

Step 6. Understand the authentication flow

The SDKs use authentication journeys/trees for user authentication.

Specify which tree or journey the SDK should use in the forgerock_auth_service_name property in the FRAuthConfig.plist configuration file.

Although the SDK implements classes for supported callbacks in the FRAuth module, the module itself cannot render the callback requirements as UI elements. You must implement a UI element for each callback object and you must handle each node object.

For a list of callbacks the SDK implements in the FRAuth module, see FRAuth in the API reference.

To begin the authentication flow, use one of the following methods:

FRUser.login()

This method returns an FRUser object on completion of the journey.

Refer to FRUser in the class reference.

FRSession.authenticate()

This method returns either a Token or AccessToken object on completion of the journey.

Refer to FRSession in the class reference.

Both methods return a node object if the journey is ongoing.

The node object includes an array of callbacks that represent the information the server requires to authenticate your users.

Some of these callbacks require you to render a UI element for completion by the user, such as a username or password field.

Obtain the required values and call node.next(). This causes the SDK to submit the callback objects to the server. It is important to use the correct parameters in the node.next() call depending on the type of result you expect from the journey:

AccessToken

Use this method to step through the journey:

node.next(completion: { (user: AccessToken?, node, error) in
    self.handleNode(token, node, error)
})
Token

Use this method to step through the journey:

node.next(completion: { (user: Token?, node, error) in
    self.handleNode(token, node, error)
})
FRUser

Use this method to step through the journey:

node.next(completion: { (user: FRUser?, node, error) in
    self.handleNode(user, node, error)
})

Each node within an authentication journey returns one of the following:

  1. The next Node object in the journey to process

    The Node object is a representation of a step in the authentication process, which requires user interaction to provide input into each Callback object within the Node instance.

    Keep iterating through callbacks and calling node.next() until the journey completes.

  2. The result of the completed journey. Possible results objects are:

    Token

    A session token as a Token object.

    AccessToken

    An OAuth 2.0 access token, other OAuth 2.0 tokens, or values associated with the access token.

    FRUser

    Abstract layer of the currently authenticated user session.

  3. An error

    An error occurred during the authentication process.

Copyright © 2010-2024 ForgeRock, all rights reserved.