
An iOS application that authenticates Azure AD users and calls a web API using OAuth 2.0 access tokens.

Azure-Samples/active-directory-ios


Services: active-directory
Platforms: iOS
Author: brandwe
Level: 100
Client: iOS Mobile App
Service: Microsoft Graph
Endpoint: AAD V1

ADAL Swift Microsoft Graph API Sample

Getting Started | Library | API Reference | Support

There's a newer version of this sample! Check it out: https://github.com/azure-samples/ms-identity-ios-swift-native

This newer sample takes advantage of the Microsoft identity platform (formerly Azure AD v2.0).

While still in public preview, every component is supported in production environments.

The ADAL Objective C library gives your app the ability to begin using the Microsoft Azure Cloud by supporting Microsoft Azure Active Directory accounts using industry standard OAuth2 and OpenID Connect. This sample demonstrates all the normal lifecycles your application should experience, including:

  • Get a token for the Microsoft Graph
  • Refresh a token
  • Call the Microsoft Graph
  • Sign out the user

Scenario

This app can be used for all Azure AD accounts. It demonstrates how a developer can build apps to connect with enterprise users and access their Azure + O365 data via the Microsoft Graph. During the auth flow, end users will be required to sign in and consent to the permissions of the application, and in some cases may require an admin to consent to the app. The majority of the logic in this sample shows how to auth an end user and make a basic call to the Microsoft Graph.

Topology

Steps to Run

Register & Configure your app

You will need to have a native client application registered with Microsoft using the Azure portal.

  1. Getting to app registration

  2. Create the app

    • Click New registration.
    • Enter an app name in the Name field.
    • In Supported account types, select Accounts in any organizational directory and personal Microsoft accounts.
    • In Redirect URI (optional), select Public client (mobile & desktop) and enter urn:ietf:wg:oauth:2.0:oob as the URI.
  3. Configure Microsoft Graph API Access

    • Select API Permissions
    • Select Add a permission, and then select Microsoft Graph.
    • Select Delegated permissions and select the permissions offline_access, openid, and profile. We'll also need User.Read, but this is selected by default for us already.
    • Hit Add permissions to save.
  4. Congrats! Your app is successfully configured. In the next section, you'll need:

    • Application ID
    • Redirect URI
    • Entitlements
      • Is required for building your own Xcode project

Get the code

  • $ git clone git@github.com:Azure-Samples/active-directory-ios.git
  1. Download Cocoapods (if you don't already have it)

CocoaPods is the dependency manager for Swift and Objective-C Cocoa projects. It has thousands of libraries and can help you scale your projects elegantly. To install on OS X 10.9 and greater simply run the following command in your terminal:

$ sudo gem install cocoapods

  2. Build the sample and pull down ADAL for iOS automatically

Run the following command in your terminal:

$ pod install

This will download and build ADAL for iOS for you and configure your QuickStart.xcodeproj to use the correct dependencies.

You should see the following output:

$ pod install
Analyzing dependencies
Downloading dependencies
Installing ADAL (2.5.2)
Generating Pods project
Integrating client project

[!] Please close any current Xcode sessions and use `QuickStart.xcworkspace` for this project from now on.
Sending stats
Pod installation complete! There is 1 dependency from the Podfile and 1 total pod installed.
  3. Run the application in Xcode

Launch Xcode and load the QuickStart.xcworkspace file. The application will run in an emulator as soon as it is loaded.

  4. Configure the ViewController.swift file with your app information

You will need to configure your application to work with the Azure AD tenant you've created.

  • In the QuickStart project, open the file ViewController.swift. Replace the values of the elements in the section to reflect the values you input into the Azure Portal. Your code will reference these values whenever it uses ADAL.
    • The kClientID is the clientId of your application you copied from the portal.
    • The kRedirectUri is the redirect URL you registered in the portal.

If you are adding ADAL to an existing Xcode project or you've created a new one on your own, you'll also need to enable Keychain Sharing.

  • In the Signing & Capabilities tab, add Keychain Sharing if you don't already have it
  • Add com.microsoft.adalcache into Keychain Groups

If your app supports Brokered Authentication, you will need to update the CFBundleURLSchemes name

  • In the QuickStart project, open the file Info.plist. Replace the CFBundleURLSchemes value with your scheme name:
<key>CFBundleURLTypes</key>
    <array>
        <dict>
            <key>CFBundleTypeRole</key>
            <string>Editor</string>
            <key>CFBundleURLName</key>
            <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
            <key>CFBundleURLSchemes</key>
            <array>
                <string>adal-sample-app</string>
            </array>
        </dict>
    </array>
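
The two settings above (the Keychain Sharing group and the CFBundleURLSchemes entry) are easy to leave at their sample defaults. The following pre-build check is an added example, not part of this sample or of ADAL. The function name, the `contoso-tasks` scheme and the inline plists are constructed for illustration, and `keychain-access-groups` is the entitlements key that Xcode's Keychain Sharing capability writes.

```python
import plistlib

SAMPLE_SCHEME = "adal-sample-app"                # placeholder scheme shipped in the sample's Info.plist
ADAL_KEYCHAIN_GROUP = "com.microsoft.adalcache"  # keychain group named in the README


def check_adal_config(info_plist: bytes, entitlements: bytes, expected_scheme: str) -> list:
    """Return a list of problems; an empty list means both files look right."""
    problems = []

    info = plistlib.loads(info_plist)
    schemes = [s for url_type in info.get("CFBundleURLTypes", [])
               for s in url_type.get("CFBundleURLSchemes", [])]
    if not schemes:
        problems.append("no CFBundleURLSchemes registered")
    # Custom URL schemes are not exclusive on iOS, so a scheme copied from a
    # public sample can also be registered by any other app built from it.
    if SAMPLE_SCHEME in schemes:
        problems.append("sample scheme %r was not replaced" % SAMPLE_SCHEME)
    # URL schemes compare case-insensitively.
    if expected_scheme.lower() not in (s.lower() for s in schemes):
        problems.append("expected scheme %r is not registered" % expected_scheme)

    groups = plistlib.loads(entitlements).get("keychain-access-groups", [])
    # Xcode stores the group with a prefix: $(AppIdentifierPrefix)com.microsoft.adalcache
    if not any(g.endswith(ADAL_KEYCHAIN_GROUP) for g in groups):
        problems.append("keychain group %r is missing" % ADAL_KEYCHAIN_GROUP)
    return problems


# Constructed inputs: an unmodified sample configuration and a corrected one.
UNCHANGED_INFO = plistlib.dumps({"CFBundleURLTypes": [
    {"CFBundleTypeRole": "Editor", "CFBundleURLSchemes": ["adal-sample-app"]}]})
UNCHANGED_ENTITLEMENTS = plistlib.dumps({"keychain-access-groups": []})
FIXED_INFO = plistlib.dumps({"CFBundleURLTypes": [
    {"CFBundleTypeRole": "Editor", "CFBundleURLSchemes": ["contoso-tasks"]}]})
FIXED_ENTITLEMENTS = plistlib.dumps({"keychain-access-groups": [
    "$(AppIdentifierPrefix)com.microsoft.adalcache"]})

if __name__ == "__main__":
    for name, info, ent in (("unchanged", UNCHANGED_INFO, UNCHANGED_ENTITLEMENTS),
                            ("fixed", FIXED_INFO, FIXED_ENTITLEMENTS)):
        print(name, check_adal_config(info, ent, "contoso-tasks") or "OK")
```

To run it against a real project, read the project's Info.plist and .entitlements files as bytes and pass them in place of the constructed inputs.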

Important Info

  1. Check out the ADAL Objective C Wiki for more info on the library mechanics and how to configure new scenarios and capabilities.
  2. In Native scenarios, the app will use an embedded Webview and will not leave the app. The Redirect URI can be arbitrary.
  3. Find any problems or have requests? Feel free to create an issue or post on Stack Overflow with tag azure-active-directory.

Feedback, Community Help, and Support

We use Stack Overflow with the community to provide support. We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.

If you find a bug or have a feature request, please raise the issue on GitHub Issues.

To provide a recommendation, visit our User Voice page.

Contribute

We enthusiastically welcome contributions and feedback. You can clone the repo and start contributing now. Read our Contribution Guide for more information.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Security Library

This library controls how users sign in and access services. We recommend you always take the latest version of our library in your app when possible. We use semantic versioning so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.y.x) ensures you get the latest security and feature enhancements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.

Security Reporting

If you find a security issue with our libraries or services please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts.
