This sample iOS application demonstrates how to handle sign-up, sign-in, sign-out, and reset-password scenarios using Microsoft Entra External ID for customers. You can configure the sample to call a protected web API.
File/folder | Description |
---|---|
NativeAuthSampleApp.xcodeproj |
This sample application project file. |
NativeAuthSampleApp/Configuration.swift |
Configuration file. |
CONTRIBUTING.md |
Guidelines for contributing to the sample. |
README.md |
This README file. |
LICENSE |
The license for the sample. |
- Xcode
- Microsoft Entra External ID for customers tenant. If you don't already have one, sign up for a free trial
To enable your application to authenticate users with Microsoft Entra, Microsoft Entra ID for customers must be made aware of the application you create. The following steps show you how to:
Register your app in the Microsoft Entra admin center using the steps in Register an application.
Enable public client and native authentication flows for the registered application using the steps in Enable public client and native authentication flows.
Grant API permissions to the registered application by following the steps in Grant API permissions.
Create a user flow by following the steps in Create a user flow.
Associate the application with the user flow by following the steps in Associate the application with the user flow.
Clone the sample iOS mobile application by following the steps outlined in Clone sample iOS mobile application.
Configure the sample iOS mobile application by following the steps in Configure the sample iOS mobile application.
Run and test the iOS sample mobile application by following the steps in Run and test sample iOS mobile application.
Follow the steps in Sign in users and call an API in a sample iOS mobile app by using native authentication to sign in users and call a protected API in the iOS sample mobile app.
Add email one-time passcode MFA to the sign in flow by following the steps in Add email one-time passcode MFA to your iOS/macOS app.
Open NativeAuthSampleApp/Configuration.swift
file and you find the following lines of code:
import MSAL
@objcMembers
class Configuration: NSObject {
// Update the below to your client ID and tenantSubdomain you received in the portal.
static let clientId = "Enter_the_Application_Id_Here"
static let tenantSubdomain = "Enter_the_Tenant_Subdomain_Here"
}
The code creates two constant properties:
- clientId - the value Enter_the_Application_Id_Here is replaced with Application (client) ID of the app you register during the project setup. The Application (client) ID is unique identifier of your registered application.
- tenantSubdomain - the value Enter_the_Tenant_Subdomain_Here is replaced with the Directory (tenant) subdomain. The tenant subdomain URL is used to construct the authentication endpoint for your app.
You use NativeAuthSampleApp/Configuration.swift
file to set configuration options when you initialize the client app in the Microsoft Authentication Library (MSAL).
To create SDK instance, use the following code:
import MSAL
var nativeAuth: MSALNativeAuthPublicClientApplication!
do {
nativeAuth = try MSALNativeAuthPublicClientApplication(
clientId: Configuration.clientId,
tenantSubdomain: Configuration.tenantSubdomain,
challengeTypes: [.OOB, .password]
)
} catch {
print("Unable to initialize MSAL \(error)")
showResultText("Unable to initialize MSAL")
}
You create MSAL instance so that you can perform authentication logic and interact with your tenant through native authentication APIs. The MSALNativeAuthPublicClientApplication
creates an instance called nativeAuth
. The clientId
and tenantSubdomain
, defined in the configuration file NativeAuthSampleApp/Configuration.swift
file, are passed as parameters. For more information about SDK instance, see Tutorial: Prepare your iOS app for native authentication
- Search the GitHub issues in the repository - your problem might already have been reported or have an answer.
- Nothing similar? Open an issue that clearly explains the problem you're having running the sample app.
If you'd like to contribute to this sample, see CONTRIBUTING.MD.
This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.