Authentication toolkit component

In this SDK, all aspects of ArcGIS and network authentication have been encapsulated into a single ArcGIS Maps SDK for Swift toolkit component called the Authenticator. This component supports multiple types of authentication challenges, including ArcGIS authentication methods (OAuth, Identity-Aware Proxy (IAP), and ArcGIS token), Integrated Windows Authentication (IWA), and Client Certificate (PKI). It also provides default user interfaces for login prompts, certificate selection prompts, and server trust dialogs. For example, here is the default alert prompting the user for username and password credentials:

Authenticator LoginViewModifier to present a login alert

Using the Authenticator toolkit component

In the application's App struct, import the ArcGISToolkit and create an instance of the Authenticator. Ensure that the application's AuthenticationManager uses the authenticator to handle authentication challenges. Set the authenticator view modifier so that a prompt can be displayed if the authenticator is asked to handle an authentication challenge.

Use dark colors for code blocksCopy

import SwiftUI
import ArcGIS
import ArcGISToolkit

struct AuthenticationApp: App {

    @ObservedObject var authenticator: Authenticator

    init() {
        // Creates an authenticator object.
        authenticator = Authenticator()
        // Sets the authenticator to handle authentication challenges.
        ArcGISEnvironment.authenticationManager.handleChallenges(using: authenticator)
    }


    var body: some SwiftUI.Scene {
        WindowGroup {
            ContentView()
            // Sets the authenticator view modifier.
            .authenticator(authenticator)


        }
    }

}

If the authenticator is going to use OAuth or Identity-Aware Proxy (IAP), you must specify the necessary configurations in a task in the application's body property.

Use dark colors for code blocksCopy
    var body: some SwiftUI.Scene {
        WindowGroup {
            ContentView()
            // Sets the authenticator view modifier.
            .authenticator(authenticator)

            // Defines the OAuth or Identity-Aware Proxy (IAP) configurations.
            .task {
                authenticator.oAuthUserConfigurations.append(
                    OAuthUserConfiguration(
                        portalURL: URL(string: "Your client portal URL goes here")!,
                        clientID: "Your client ID goes here",
                        redirectURL: URL(string: "Your redirect URL goes here")!
                    )
                )
                try? await authenticator.iapConfigurations.append(
                    IAPConfiguration.configuration(from: URL(filePath: "Your IAP configuration JSON file path goes here")!)
                )
            }


        }
    }

You can also configure the authenticator to persist credentials in the keychain. If the application is restarted, the store of credentials is automatically pre-populated with saved credentials and the user does not have to sign in again.

Use dark colors for code blocksCopy
            // Persists the credentials in the keychain.
            .task {
                try? await ArcGISEnvironment.authenticationManager.setupPersistentCredentialStorage(
                    access: .whenUnlockedThisDeviceOnly,
                    synchronizesWithiCloud: false
                )
            }

During application sign-out, you should revoke all tokens then clear all credentials from the credentials stores.

Use dark colors for code blocksCopy
        // Revokes OAuth refresh and access tokens
        await ArcGISEnvironment.authenticationManager.revokeOAuthTokens()
        // Clears all ArcGIS and network credentials from their respective stores.
        await ArcGISEnvironment.authenticationManager.clearCredentialStores()

To see the Authenticator in action, check out the Authentication Example application and refer to AuthenticationApp.swift in your project.