This document is a practical step-by-step guide for integrating and utilizing Gigya's services within the extent of your iOS Swift native application.
Why should I upgrade?
The CDC sdks intend to facilitate implementation of CDC RaaS Flows, by providing functions to authorise CDC API endpoints, manage social providers auth flows, user session management and plugins for CDC’s screensets technology. CDC’s latest Swift SDK v1 is a complete redesign of the previous Objective C SDK. During the redesign, developers that experienced implementation of the old SDK in their mobile app were consulted, and 3 leading aspects were defined for the new sdk:
- Aligned with up-to-date development and performance standards
- Great customer development experience (never leave the IDE)
- Focus on common business flows
The redesign also benefits from the following:
- Better performance.
- Easy work with you site's custom account schema as it's now easily integrated with the entire SDK.
- Caching of the end-user's account data to reduce network calls.
- Built-in business flows, like registration, login and more, with out-of-the-box handling for the different outcome scenarios.
- For example, an end-user tries to register and gets "pending registration" due to a missing required field configured in the site's schema.
Download SDK and Samples
Download the latest Swift SDK files:
Basic Integration From File
In order to integrate the Swift SDK into your project, please download and add the following .framework files to your Frameworks and Libraries sections and set the Embed to Embed & Sign:
Under the Build Phases tab in your Target, click the + button on the top left and then select New Run Script Phase. After, setup the build phase as follows and make sure this phase is below the Embed Frameworks phase.
Basic Integration From Cocoapods
For the base SDK, open your Podfile and add this follow line:
For the TFA library, open your Podfile and add this follow line:
For the AUTH library, open your Podfile and add this follow line:
In order to add the Gigya Native Screen-Sets library via CocoaPods to your project, you need to create a specific target per configuration (Debug / Release).
After you have configured the Debug and Release targets, open your Podfile and add the following line per target:
So, your code should look similar to this:
Once you have completed the changes above, run the following:
The SDK requires an active reference to the running AppDelegate.swift, for example:
When you using custom account schema you need include it every time you are using Gigya.sharedInstance.
The SDK will implicitly initialize itself according to Info.plist configuration.
Add the following two key/values to your app's .plist file:
- GigyaApiKey: your Gigya key
GigyaApiDomain (optional): Data center, default is us1.
See Finding Your Data Center to determine your data center.
As an alternative to implicit initialization, you can initialize the SDK explicitly:
From this point, code blocks will use the Gigya interface as member variable (gigya), as if it was already initialized.
Sending a Request
You can send anonymous requests to Gigya using the SDK using one of two overloads:
- General - this will return an dictionary (see the section below on how to access its data).
- Typed - this will return an instance of the provided class.
The following example sends an "accounts.verifyLogin" request using the current logged in user's UID field to verify that the current session is still valid.
You can find the list of available Gigya API endpoints and their required parameters in the REST API Reference.
GigyaApiResult Enum with Associated Values
The SDK provides a custom response enum for encapsulating Gigya API's responses.
This Enum exposes multiple cases that can help simplify your flow.
Here are a few examples of a given response:
Login & Registration
Site login & registration via API calls (to differ from social login & registration) is available using the login/register methods.
Site Login & Registration
Here are a few examples for login/register usage:
Login via loginID & password:
Register via email & password:
Logging-in using a social network is one of the key features of the Gigya Swift SDK.
The following social providers currently support the login operation:
- Orange France
- Tencent QQ
- Sina Weibo
- Yahoo Japan
All supported providers constants are available using GigyaSocialProviders enum.
The following providers support native login using their own SDKs: Facebook, Google, Line, WeChat.
Please make sure to follow each configuration implementation mentioned in the "Configuring Native Login" section.
Having native support will require you to add the provider's library dependency to your application.
Provider Selection Screen
You can show a dialog with defined social providers in the following way:
Here is a screenshot using the above implementation:
Login With A Specified Provider
Alternatively, you can initiate social login flow to a specific social provider:
Configuring Native Login
For some social providers, the SDK supports social login via the social provider's native implementation.
It is done by using the provider's native SDK, so it will require you to add its required libraries and wrappers to your Swift project.
We will review the relevant providers and their implementation flow.
Using Sign in With Apple is mandatory if you want users to login via Apple. The first step is to go to your Xcode project settings and add AuthenticationServices.framework to the frameworks tab.
Next step you need to allow Sign in with Apple, go to "Signing & Capabilities" section.
Tap on + Capability and add Sign in With Apple.
After you have added AuthenticationServices.framework to your project you next need to import the AppleSigninWrapper.swift file from the GigyaProviders dictionary to your Xcode project.
An example of login flow to a Apple provider:
Adding Facebook native login to your iOS app is mandatory if you want to login via Facebook. To do so, set up your Facebook app in your XCode project using the following instructions:
If you do not yet have an active Facebook app please see our Facebook documentation.
For mobile specific, please go to Facebook Mobile App Setup.
Instructions for adding Facebook SDK to your iOS device can be found at Facebook SDK for iOS.
After completing to add the Facebook SDK to your project you need to import "FacebookWrapper.swift" file from "GigyaProviders" dictionary to your Xcode project.
Using Google Sign-In is mandatory if you want users to login via Google.
Instructions for adding Google Sign-in to your iOS device can be found at Google Sign-In for iOS.
Add the following tag to your plist file. It is recommended that the "GoogleClientID" String and "GoogleServerClientID" be placed in the your Info.plist file.
After you have completed to add Google Sign-in to your project you need to import "GoogleWrapper.swift" file from "GigyaProviders" dictionary to your Xcode project.
The Gigya Swift SDK allows you to enable LINE native login for users that have the LINE app installed on their iOS devices.
Instructions can be found at Integrating LINE Login with an iOS app.
After you have completed adding Line SDK to your project you need to import "LineWrapper.swift" file from the "GigyaProviders" dictionary to your Xcode project.
The Gigya Swift SDK allows you to enable WeChat native login for users that have the WeChat app installed on their iOS device.
Instructions can be found at WeChat for iOS.
Add the following tag to your plist file, It is recommended that the "WeChatAppID" String be placed in the your Info.plist file.
After you have completed adding the WeChat SDK to your project you need to import "WeChatWrapper.swift" file from the "GigyaProviders" dictionary to your Xcode project.
- The signature generation tool must be installed on the mobile device.
- You will not be able to test WeChat functionality using an emulator. WeChat requires a physical mobile device.
- Once you update your app signature in the WeChat console, it could take a couple of hours to update.
- If you experience problems and notice errCode -6 from WeChat while debugging, it means the signature isn't correct.
A simple logout is available by using:
Logging out will clear all session data from the device.
Using Google Firebase
An active Firebase account is needed in order to integrate the push TFA service.
Instructions on how to add Firebase into your iOS application can be found here.
Setting up your application to use cloud messaging
Once you have your Firebase up and running, you are able to register your application in the cloud messaging tab of your project settings page.
- Go to your Firebase console and select your project and open project settings as shown:
- Select the "Cloud Messaging" tag and copy your Server key.
- Use the copied Server key and update your site console RBA settings.
Adding The Gigya messaging service
- Enable remote notifications.
- Go to your project target -> Capabilities -> Background Modes -> Remote notifications (Enable if needed).
- Go to your project target -> Capabilities -> Background Modes -> Remote notifications (Enable if needed).
- Allow Firebase to send foreground notifications.
After you called FirebaseApp.configure() add the follow line:
- Add Firebase delegate
The Gigya server requires the push token to be sent to it in order to send push notifications to your client devices. In order to do so, add the following to your AppDelegate.swift:
- Handling push notifications.
In order to let the SDK handle incoming TFA push notifications, add the following to you AppDelegate.swift as well.
- Notification interaction.
Customer Data Cloud's notifications require action confirmations. Whether it is to approve or deny the opt-in or login process. In order to open the actions alert confirmation you will need to add the following to your AppDelegate.swift.
Configuring Session Expiration
Fixed Length Sessions
Starting a new session via register or login is also available with a fixed time span expiration constraint.
When the session expires, the SDK will notify about it via NotificationCenter.
In order to be notified of session changes, you will need to addObserver in your ViewController, for example:
Verify Login Interval
The Swift SDK can track a user's current session and determine if there were changes to the site's schema and require re-authentication for the user when necessary.
For example, this can be used to invalidate a user's active session if their previously agreed Terms of Service consent version has changed.
When using session verification, the client application will be informed, via 'NotificationCenter', if the automatic verification fails. This will allow your application to perform the necessary logic in order to re-authenticate the user.
To implement this flow, add the following key/value to your app's .plist file:
- GigyaSessionVerificationInterval : Integer (the length of time, in seconds, to check the user's profile against the site's schema).
When the verification fails, the SDK will send a notification about it via NotificationCenter.
In order to be notified of session changes, you will need to use addObserver in your ViewController, for example:
Gigya's Swift SDK allows you to get a smooth developing experience by binding the SDK's main Gigya instance to a class of the same structure as your schema.
This will allow the SDK to accept and return account instances according to your specification.
Here is an example of a custom Account Schema struct, which corresponds with the above site's Schema.
When you inherit from GigyaAccountProtocol, the relevant profile fields will be inherited and you can add the data field according to your schema.
We can initialize a Gigya instance with the MyAccount struct, and see the account methods operate accordingly.
In order to retrieve the current account you can use the "getAccount" method:
Using "getAccount" requires you to have a valid session.
In order to improve the end-user's experience by avoiding unnecessary network requests, the SDK caches the current account data for a period of 5 minutes (by default).
The account cache property can be set via the JSON configuration file or by adding a meta-data tag as show in the initializationsection of the document.
To bypass the account's caching you must provide true when requesting a new account:
The SDK provides two options for updating a user account data.
Using "setAccount" requires you to have a valid session.
In order to avoid unnecessary errors, please make sure that the fields you trying to update are marked as "client Modify" in the site's schema. You can verify this using Gigya's Admin Console, in your site's Schema Editor page under the Settings panel.
Screen-Sets, as one of Gigya's most powerful features, are available also on your mobile app!
The SDK provides a simple interface for using & displaying screen-sets via the PluginViewController & the GigyaPluginEvent components.
Using screen-sets is available using the "showScreenSet" method of the Gigya interface.
Here is an example of using the SDK's showScreenSet method using the default "Registration-Login" screen set:
The "showScreenSets" method available parameters include all the parameters the web screen-sets plugin can receive.
This return object is an enum which is aligned to all optional plugin events fired by the screen-sets plugin.
Here is the Enum to its extent. You can use separate case by add default to the switch case:
The plugin event is also typed to the current Account schema.
The Gigya SDK provides popular built-in flows for fluent development.
Business APIs are provided in order to give you an easier interface. If a more detailed and customized use is required, you can still use the generic Gigya.send interface for all request purposes.
Some flows can be "interrupted" due to certain Site policies.
For example, when trying to register but Two Factor Authentication is required - then an "interruption" can occur about "pending TFA registration" that will require the end user to setup a TFA method before being able to complete the registration flow.
The SDK's Business APIs are design to help to easily develop a friendly way to face and resolve those interruptions in order to get the end user logged in and still complying to the site's policies.
Interruption handling is a key feature introduced as of v1 of the Swift SDK.
The SDK will expose a resolver object for supported interruptions in order to give you as a developer the ability to resolve them within the same flow that they were triggered.
The current supported interruption flows are:
- Pending registration
- Account linking
- Pending TFA registration.
- Pending TFA verification
All interruption flows are implemented in the provided Sample project.
Interruptions handling - Account linking example
We will start with a simple register request for an email address that is already registered:
As expected we will receive an error which indicates that this login identifier already exists in the system (errorCode 403043).
Usually when receiving that kind of error, we would trigger an API call to retrieve the conflicting accounts (via accounts.getConflictingAccount), then try to login with one of the supported account's identities (using mode:"link").
However, the SDK can handle this interruption for us:
To do so, in our our GigyaLoginResult we will switch the conflictingAccounts case:
While the response parameter contains the original response from the register API call (accounts.register), the resolver object (of type LinkAccountsResolver) already contains all we need in order to complete the flow:
Trying the resolve the flow will now try to login with the original conflicted account and link both accounts.
If the operation was successful, the original GigyaLoginResult will be notified and the flow will be directed to its original successcase.
In order to provide the end user with a fluid experience some UI intervention is recommended. Examples for this can be found in the Sample application.
Using the GigyaWebBridge explicitly.
You are able to use the GigyaWebBridge.swift class explicitly in order to attach Gigya's web sdk actions into your own WebView implementation. Attaching the GigyaWebBridge will allow you to add Gigya's session management you your custom web implementation. Special cases include uses of SAML & captcha implementations. The following snippet demonstrates the basic implementation of the GigyaWebBridge.
End User & Biometric Authentication
The biometric fingerprint feature is a security encryption on top of an existing session of your app, therefore, calling any biometric operations requires a valid session.
The supported end user flow for the biometric authentication feature is:
- An end user logs in.
- An end user opts in to biometric authentication.
- This will require the end user to verify his fingerprint.
- The app is locked or being cleared from memory.
- The end user is required to unlock the app in order to restore his session.
- This will require the end user to verify his fingerprint.
- The end user opts out of biometric authentication
In order to use biometric authentication, the following must apply:
- The device has a Passcode.
- The device has a TouchID/FaceID available.
Available authentication methods:
- Opt-In - Opts-in the existing session to use fingerprint authentication.
- Opt-Out - Opts-out the existing session from using fingerprint authentication.
- Lock - Locks the existing session until unlocking it. No authentication based actions can be done while the session is locked.
- Unlock - Unlocks the session so the user can continue to make authentication based actions.
Example of biometric authentication flow:
Prompt and FaceID
In order to use FaceID in a compatible device, you must include following key to your Info.plist file.
Additionally, when you want to set a custom text in Touch ID prompt , you can include the following key:
Gigya Swift SDK requires Xcode 11 and above.
Upgrading application from Objective c to Swift SDK is supported (Only in Swift project) . Migration of your application code is required