API

The iOS SDK offers 3 basic methods that can be called from the base class: "ConnectisSDK".

Login

func logIn(sdkConfiguration: ConnectisSDKConfiguration,
caller: UIViewController,
delegate: AuthenticationResponseDelegate,
allowDeviceAuthentication: Bool = false,
errorResponseDelegate: ErrorResponseDelegate? = nil
)

Where ConnectisSDKConfiguration is a basic data class:

public struct ConnectisSDKConfiguration {
public var issuer: String
public var clientID: String
public var redirectURI: String
public var scopes: String?
public var brokerAppAcs: String?
public var brokerDigidAppAcs: String?
public var loginFlow: LoginFlow
public init(issuer: String, clientID: String, redirectURI: String,
scopes: String?, brokerAppAcs: String? = nil,
brokerDigidAppAcs: String? = nil ,loginFlow: LoginFlow = LoginFlow.WEB) {
self.issuer = issuer
self.clientID = clientID
self.redirectURI = redirectURI
self.scopes = scopes
self.brokerAppAcs = brokerAppAcs
self.brokerDigidAppAcs = brokerDigidAppAcs
self.loginFlow = loginFlow
}
}

and AuthenticationResponseDelegate is a protocol where you can handle the response:

public protocol AuthenticationResponseDelegate: class {
func handleResponse(authenticationResponse: AuthenticationResponse)
func onCancel()
}

the AuthenticationResponse is the class you will receive after a login was made in the CIB.

public struct AuthenticationResponse {
public var isSuccess: Bool
public var error: Error?
public var nameIdentifier: String?
public var attributes: [Attribute]?
}

Properties definition:

  • issuer - the endpoint of the CIB that you want to connect to. Given by Connectis Technical Support.

  • clientId - the client-id that you provided to Connectis Technical Support.

  • redirectUri - must be set to the universal link value

  • scopes - can be set if you want to do idp scoping (bypass the idp selection screen or for app2app)

  • brokerAppAcs - must be set for app2app openid: broker endpoint for processing app2app openid flows

  • brokerDigidAppAcs - must be set for app2app DigID: broker endpoint for processing app2app DigID flow

  • loginFlow - can be set to either WEB or APP_TO_APP, default is WEB

  • caller - The activity context where you call the ConnectisSDK from

  • delegate - your implementation of the AuthenticationResponseDelegate interface

  • errorResponseDelegate - optional implementation for handling errors (if none is provided, exceptions will be logged)

  • allowDeviceAuthentication - true if you wish to enable device authentication in your application, false otherwise

OpenId Access Token

The API provides access to a valid OpenId access token

func useAccessToken(caller: UIViewController,
delegate: AccessTokenDelegate
)

where AccessTokenDelegate is a protocol:

public protocol AccessTokenDelegate: class {
func handleAccessToken(accessToken: Token)
func onError(errorMessage: String)
}

Note: for security reasons, the OpenId Access Token should be treated as a secret in the software.

Device Authentication

The iOS SDK offers the possibility to authenticate the users, once the user logged in at least once, using the mobile phone device authentication supported methods(face unlock, fingerprint, pin code)

To enable the device authentication flow call the following method after the user logged in using the CIB:

func enableDeviceAuthentication(delegate: DeviceAuthenticationResponseDelegate)

If you wish to disable the device authentication you can call the following function:

func disableDeviceAuthentication()