What are passkeys?
Passkeys are public key credentials stored in iCloud Keychain that make passwords obsolete. They use biometric verification such as Touch ID and Face ID on iOS, or a distinct confirmation on macOS, to create and authenticate accounts.
When acting as the authenticator, your Apple device produces a distinct public-private key pair for each account established on a platform. The device keeps the private key and sends the public key to the server, referred to as the relying party.
Authsignal's passkeys solution provides a back-end server, also known as a WebAuthn server, that facilitates the lifecycle of passkey management. Check out this blog post, which talks through the details of implementing passkeys.
Now to the iOS implementation.
iOS passkeys prerequisites
There are certain prerequisites in the iOS ecosystem that you need to set up before implementation:
Passkeys are compatible with iOS 15 and later versions, and they synchronize through iCloud Keychain. For Autofill functionality, iOS 16 or higher is necessary.
To use passkeys you must first set up an associated domain with the webcredentials service type.
Host an apple-app-site-association file on the domain that matches your relying party:
GET https://<yourrelyingparty>/.well-known/apple-app-site-association
The response JSON should look something like this:
{
    "applinks": {},
    "webcredentials": {
        "apps": ["ABCDE12345.com.example.app"]
    },
    "appclips": {}
}
where ABCDE12345 is your team ID and com.example.app is your bundle identifier.
In Xcode, under "Signing & Capabilities", add a webcredentials entry for your domain / relying party, e.g. example.com.
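Before shipping, it is worth checking the hosted apple-app-site-association body against the app IDs you expect, since a missing team ID prefix or an entry placed under the wrong section is easy to overlook. The Python check below is an added example, not Authsignal's or Apple's code; the function name check_aasa, the sample bodies and the second app ID are constructed for illustration.

```python
import json
import re

# App ID = 10-character team ID + "." + bundle identifier (format shown on this page).
APP_ID_RE = re.compile(r"^[A-Z0-9]{10}\.[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$")


def check_aasa(body, expected_app_ids):
    """Return a list of findings for an apple-app-site-association body."""
    try:
        doc = json.loads(body)
    except ValueError as exc:  # e.g. an HTML error page served instead of JSON
        return [f"body is not valid JSON: {exc}"]
    section = doc.get("webcredentials") if isinstance(doc, dict) else None
    apps = section.get("apps") if isinstance(section, dict) else None
    if not isinstance(apps, list) or not apps:
        return ["'webcredentials.apps' must be a non-empty array"]
    findings = []
    for app in apps:
        if not isinstance(app, str) or not APP_ID_RE.match(app):
            findings.append(f"malformed app ID (want TEAMID.bundle.id): {app!r}")
        elif app not in expected_app_ids:
            # Every listed app is associated with the domain's credentials.
            findings.append(f"unexpected app ID, review before shipping: {app}")
    for wanted in sorted(expected_app_ids):
        if wanted not in apps:
            findings.append(f"expected app ID missing from webcredentials: {wanted}")
    return findings


# Constructed sample bodies; GOOD is the document shown on this page.
GOOD = b'{"applinks": {}, "webcredentials": {"apps": ["ABCDE12345.com.example.app"]}, "appclips": {}}'
BAD = json.dumps({
    "applinks": {"apps": ["ABCDE12345.com.example.app"]},      # wrong section
    "webcredentials": {"apps": ["com.example.app",             # team ID prefix missing
                                "ZZZZZ99999.com.other.app"]},  # hypothetical extra app
}).encode()

if __name__ == "__main__":
    expected = {"ABCDE12345.com.example.app"}
    for name, body in (("good", GOOD), ("bad", BAD), ("html", b"<html>404</html>")):
        print(name, check_aasa(body, expected) or "OK")
```

Feed it the body returned by the GET request above; an empty list means the webcredentials section lists exactly the expected apps.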
Installation
Sign up for an Authsignal account
Authsignal iOS Passkey GitHub Repository
CocoaPods
Add the Authsignal CocoaPod to your Podfile:
pod 'Authsignal', '~> 0.1.10'
Swift Package Manager
Add authsignal-ios to the dependencies value of your Package.swift.
dependencies: [
    .package(url: "https://github.com/authsignal/authsignal-ios.git", .upToNextMajor(from: "0.1.10"))
]
Registering a new passkey
Check out this YouTube video of the iOS passkey registration flow.
To register a new passkey, you first need to request a token via track. If the user is new, create a record for them in your own DB and pass their ID to Authsignal server-side to get a token, which can then be passed to the iOS SDK along with their username.
let result = await authsignal.passkey.signUp(token: initialToken, userName: userName)
if let error = result.error {
    print(error)
} else if let resultToken = result.data {
    // Pass this short-lived result token to your backend to validate that passkey registration succeeded
}
Check out the following for more steps on how to implement a passkey sign-in flow and the passkey autofill flow.
That's it, easy.