1. Developing Live Experience
  2. Authenticate with Live Experience for iOS

Authenticate with Live Experience for iOS

Set up User Authentication and Live Experience Authentication, which are two necessary steps for adding Live Experience to your iOS app.

User Authentication refers to confirming that a user who's accessing your application is who they say they are. Your greater organization will determine how that authentication is handled. For instance, you may need to use OAuth authentication through a third-party provider such as Google, Facebook, or Yahoo. In other cases, you may use your own organization's single sign-on (SSO) facilities, some sort of LDAP system, or during development, you may use a simple username and shared password. In any case, you'll need to design an appropriate user interface workflow along with the supporting backend code.

The following graphic shows the flow if you're using your own SSO/LDAP workflow. Shows the authentication workflow if you are using your own corporate directory for single sign on. Your app requires your users to authenticate using your LDAP and SSO resources to confirm they are who they say they are. Once complete, your app retrieves a JSON web token (JWT) from Live Experience. The JWT is used for each application connection to Live Experience.

The following graphic shows the flow if you're using a third party OAuth platform such as Facebook, Google, or Yahoo. Shows the authentication workflow if you're using a third-party authentication platform. The platform needs to use the OAuth2 authentication protocol. First, your app requires a user to authenticate using an OAuth2 resource to confirm they are who they say they are. Next, the user is redirected to a public OAuth2 service (such as Google or Facebook). Once the authentication is complete, the your application receives a JSON web token (JWT) from Live Experience. The JWT is used for each application connection to Live Experience.

After you authenticate a user, assuming it's required for your application, you then need to handle Live Experience Authentication. To authenticate with Live Experience, you obtain a JSON Web Token (JWT) from Live Experience which you use when opening any connection. You use standard Swift APIs to communicate with a simple script that you deploy on a web server in your own domain. See Deploy the Sample JWT Script. While the supplied script is sufficient for development, you'll want to create something more secure for a production environment using the REST call described in Retrieve a JWT Access Token Using the Auth REST Call.

Follow the steps below to obtain a JWT from Live Experience.

  1. Deploy the script as described in Deploy the Sample JWT Script.
  2. Retrieve the JWT from the script's return value using code similar to the following: 
    let rqst = NSMutableURLRequest(url: URL(string: "https://your-server/cgi-bin/auth.sh")!)
let session = URLSession.shared
rqst.httpMethod = "GET"
rqst.addValue("application/json", forHTTPHeaderField: "Accept")
_ = session.dataTask(with: rqst as URLRequest,
 completionHandler: {data, response, error -> Void in
 guard let data = data, let _ = response, error == nil else { return }
 do {
 if let json = try JSONSerialization.jsonObject(with: data) as? 
 [String: Any] {
 let access_token = json["access_token"] as? [[String: Any]] ?? []
 print(access_token)
 // Pass access_token to the authentication method...
 }
 } catch let error as NSError {
 print(error)
 }
})

Results:

After you obtain the JWT access_token, you can use it to authenticate with Live Experience. See Adding and Configuring the Live Experience Widget for your iOS App.