Learn About Authenticating an iOS Mobile App with Oracle Identity Cloud Service

Your customers expect their mobile apps to access your services securely, and they value single sign-on (SSO) authentication. Oracle Identity Cloud Service provides platform-specific SDKs that encapsulate the logic you'll need to create iOS mobile applications.

Oracle Identity Cloud Service provides identity management, single sign-on, and identity governance for your applications. It also provides the security platform for Oracle Cloud, which lets you securely and easily access, develop, and deploy your applications. Oracle Identity Cloud Service can function as an identity provider, to centralize the authentication mechanism, handle all password management responsibilities, and provide single sign-on for your applications.

Architecture

The following architecture diagram shows how an iOS mobile application uses the SDK for iOS Applications to perform OpenID Connect authentication with Oracle Identity Cloud Service, based on the authorization code grant type.

[Illustration: ios-mobile-sdk-architecture.png]

The authorization code grant type consists of the following steps:

  1. The user opens the app on a mobile device.

  2. The app uses the SDK for iOS Applications to access Oracle Identity Cloud Service and get information about the authentication method.

  3. The app forwards control to a mobile browser to authenticate with Oracle Identity Cloud Service.

  4. Oracle Identity Cloud Service sends the sign-in page and the user submits credentials for validation. After the OpenID Connect authentication flow ends, Oracle Identity Cloud Service issues a token.

  5. The mobile browser forwards control to the mobile app, and then closes.

  6. The mobile app receives the issued token and uses the SDK to display user information on the mobile device.
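
The redirect in step 5 is the point where the app must confirm that the response belongs to the sign-in it started. The following added example (not Oracle's SDK or sample-app code) builds the authorization request with a random `state` value and validates the callback URL before accepting the authorization code; the endpoint URL, client ID and redirect URI are constructed placeholders, and the function names are hypothetical.

```swift
import Foundation

enum CallbackError: Error { case wrongRedirect, stateMismatch, provider(String), missingCode }

/// Random per-request value that ties the browser round trip to this app session.
func makeState() -> String {
    (0..<16).map { _ in String(format: "%02x", UInt8.random(in: .min ... .max)) }.joined()
}

/// Authorization request for the authorization code grant (step 3).
func authorizationURL(endpoint: URL, clientID: String, redirectURI: String, state: String) -> URL? {
    var c = URLComponents(url: endpoint, resolvingAgainstBaseURL: false)
    c?.queryItems = [
        URLQueryItem(name: "response_type", value: "code"),
        URLQueryItem(name: "client_id", value: clientID),
        URLQueryItem(name: "redirect_uri", value: redirectURI),
        URLQueryItem(name: "scope", value: "openid"),
        URLQueryItem(name: "state", value: state),
    ]
    return c?.url
}

/// Validates the URL the browser hands back to the app (step 5) and returns the code.
func authorizationCode(from callback: URL, redirectURI: String, expectedState: String) throws -> String {
    guard let got = URLComponents(url: callback, resolvingAgainstBaseURL: false),
          let want = URLComponents(string: redirectURI),
          got.scheme == want.scheme, got.host == want.host, got.path == want.path
    else { throw CallbackError.wrongRedirect }
    let items = got.queryItems ?? []
    func value(_ name: String) -> String? { items.first(where: { $0.name == name })?.value }
    // Reject responses that were not triggered by this app's own request.
    guard let state = value("state"), state == expectedState else { throw CallbackError.stateMismatch }
    if let err = value("error") { throw CallbackError.provider(err) }
    guard let code = value("code"), !code.isEmpty else { throw CallbackError.missingCode }
    return code
}

// Constructed demo values (placeholders, not a real tenant or app registration).
let endpoint = URL(string: "https://idcs-tenant.example.com/oauth2/v1/authorize")!
let redirect = "com.example.sampleapp://callback"
let state = makeState()
print(authorizationURL(endpoint: endpoint, clientID: "sample-client-id",
                       redirectURI: redirect, state: state)!)
let genuine = URL(string: "\(redirect)?code=constructed-code&state=\(state)")!
let unsolicited = URL(string: "\(redirect)?code=constructed-code&state=unexpected")!
print(try authorizationCode(from: genuine, redirectURI: redirect, expectedState: state))
print((try? authorizationCode(from: unsolicited, redirectURI: redirect, expectedState: state)) ?? "rejected")
```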

About the Sample iOS Mobile App

To help you understand how to use the SDK for iOS Applications, you can use a sample iOS mobile application as a reference.

Instead of creating a mobile application from scratch, Oracle provides a sample application that you can integrate with Oracle Identity Cloud Service for authentication.

The sample mobile application includes the following types of content:
  • Web-views that are publicly accessible

  • Private web-views that verify the existence of an Oracle Identity Cloud Service user access token, in the session that the user has with the application

The sample application is based on Swift and uses the framework version of the SDK for iOS Applications.

Do not use the sample application for production purposes. It doesn't adhere to iOS best practices in areas such as data handling, patterns, and security. The sole purpose of the sample application is to recommend an approach to integrate Oracle Identity Cloud Service with a custom application by using the SDK for iOS Applications.

Before You Begin

Before you begin development of your iOS mobile applications, ensure you have read these related design solutions:

About Required Services and Roles

An Oracle Identity Cloud Service administrator must be able to access the Oracle Identity Cloud Service console.

You must have the following roles:

| Role | Required to... |
| --- | --- |
| User administrator | Create users, create groups, and assign groups to users. |
| Security administrator | Access the Downloads page of the Oracle Identity Cloud Service console. From this page, you can download the SDK. |
| Application administrator | Manage applications in Oracle Identity Cloud Service, which includes registering the sample mobile app with Oracle Identity Cloud Service. |

See Learn how to get Oracle Cloud services for Oracle Solutions.