SudoUserClient

public protocol SudoUserClient : AnyObject

Protocol encapsulating a library of functions for calling Sudo Platform identity services, managing keys, and performing cryptographic operations.

  • The release version of this instance of SudoUserClient.

    Declaration

    Swift

    var version: String { get }
  • isRegistered() Asynchronous

    Indicates whether or not this client is registered with Sudo Platform backend.

    Declaration

    Swift

    func isRegistered() async throws -> Bool

    Return Value

    true if the client is registered.

  • reset() Asynchronous

    Removes all keys associated with this client and invalidates any cached authentication credentials.

    Throws

    SudoUserClientError.FatalError

    Declaration

    Swift

    func reset() async throws
  • Registers this client against the backend with a registration challenge and validation data.

    Declaration

    Swift

    func registerWithDeviceCheck(
        token: Data,
        buildType: String,
        vendorId: UUID,
        registrationId: String?
    ) async throws -> String

    Parameters

    token

    Apple DeviceCheck token.

    buildType

    Build type of the App from which the DeviceCheck token was retrieved, e.g. “debug” or “release”.

    vendorId

    An alphanumeric string that uniquely identifies a device to the app’s vendor. Obtained via the identifierForVendor property of the UIDevice class.

    registrationId

    The registration ID used for uniquely identifying the registration request in case it fails.

    Return Value

    User ID of newly registered user.

  • Registers this client against the backend with an external authentication provider. The caller must implement the AuthenticationProvider protocol to return the appropriate authentication token required to authorize the registration request.

    Declaration

    Swift

    func registerWithAuthenticationProvider(
        authenticationProvider: AuthenticationProvider,
        registrationId: String?
    ) async throws -> String

    Parameters

    authenticationProvider

    Authentication provider that provides the authentication token.

    registrationId

    The registrationId if known.

    Return Value

    User ID of newly registered user.

  • deregister() Asynchronous

    Deregisters this client from the backend and resets the keychain. Will throw an error if an error occurred while attempting to reset the keychain.

    Declaration

    Swift

    func deregister() async throws -> String

    Return Value

    User ID of the deregistered user.

  • resetUserData() Asynchronous

    Removes all data owned by the signed-in user in Sudo Platform Services without deregistering the user. Should only be used in tests.

    Declaration

    Swift

    func resetUserData() async throws
  • signInWithKey() Asynchronous

    Signs into the backend using a private key. The client must have created a private/public key pair via the register method.

    Declaration

    Swift

    func signInWithKey() async throws -> AuthenticationTokens

    Return Value

    Authentication tokens.

  • Signs into the backend with an external authentication provider. The caller must implement the AuthenticationProvider protocol to return the appropriate authentication token associated with the external identity registered with registerWithAuthenticationProvider.

    Declaration

    Swift

    func signInWithAuthenticationProvider(authenticationProvider: AuthenticationProvider) async throws -> AuthenticationTokens

    Parameters

    authenticationProvider

    Authentication provider that provides the authentication token.

    Return Value

    Authentication tokens.

  • Presents the sign in UI for federated sign in using an external identity provider.

    Declaration

    Swift

    func presentFederatedSignInUI(presentationAnchor: ASPresentationAnchor) async throws -> AuthenticationTokens

    Parameters

    presentationAnchor

    Window to act as the anchor for this UI.

    Return Value

    Authentication tokens.

  • Presents the sign out UI for federated sign in using an external identity provider.

    Declaration

    Swift

    func presentFederatedSignOutUI(presentationAnchor: ASPresentationAnchor) async throws

    Parameters

    presentationAnchor

    Window to act as the anchor for this UI.

  • Processes the federated sign in redirect URL to obtain the authentication tokens required for API access.

    Declaration

    Swift

    func processFederatedSignInTokens(url: URL) async throws -> Bool

    Parameters

    url

    Federated sign in URL passed into the app via URL scheme.

    Return Value

    Boolean indicating whether or not the FSSO token was processed successfully.

  • Refreshes the access and ID tokens using the refresh token. The refresh token expires after 30 days, so sign in again to obtain a new refresh token before its expiry. The tokens will also be refreshed automatically when you call platform APIs requiring authentication, but there will be an added delay in the API response. For a more consistent response time for each API call, call this API to proactively keep the tokens fresh.

    Declaration

    Swift

    func refreshTokens(refreshToken: String) async throws -> AuthenticationTokens

    Parameters

    refreshToken

    Refresh token.

    Return Value

    Authentication tokens.

  • refreshTokens() Asynchronous

    Refreshes the access and ID tokens using the cached refresh token. The refresh token expires after 30 days, so sign in again to obtain a new refresh token before its expiry. The tokens will also be refreshed automatically when you call platform APIs requiring authentication, but there will be an added delay in the API response. For a more consistent response time for each API call, call this API to proactively keep the tokens fresh.

    Declaration

    Swift

    func refreshTokens() async throws -> AuthenticationTokens

    Return Value

    Authentication tokens.

  • Returns the user name associated with this client. The user name may be needed to contact the support team when diagnosing an issue related to a specific user.

    Declaration

    Swift

    func getUserName() throws -> String?

    Return Value

    User name.

  • setUserName(name:) Asynchronous

    Sets the user name associated with this client. Mainly used for testing.

    Declaration

    Swift

    func setUserName(name: String) async throws

    Parameters

    name

    User name.

  • Returns the subject of the user associated with this client. Note: This is an internal method used by other Sudo platform SDKs.

    Declaration

    Swift

    func getSubject() throws -> String?

    Return Value

    Subject.

  • Returns the ID token cached from the last sign-in. Note: This is an internal method used by other Sudo platform SDKs.

    Declaration

    Swift

    func getIdToken() throws -> String?

    Return Value

    ID token.

  • Returns the access token cached from the last sign-in. Note: This is an internal method used by other Sudo platform SDKs.

    Declaration

    Swift

    func getAccessToken() throws -> String?

    Return Value

    Access token.

  • Returns the refresh token cached from the last sign-in. Use it when calling the refreshTokens API to refresh the authentication tokens.

    Declaration

    Swift

    func getRefreshToken() throws -> String?

    Return Value

    Refresh token.

  • Returns the ID and access token expiry cached from the last sign-in. The tokens should be refreshed before they expire; otherwise the platform APIs requiring authentication may fail.

    Declaration

    Swift

    func getTokenExpiry() throws -> Date?

    Return Value

    Token expiry.

  • Returns the refresh token expiry cached from the last sign-in.

    Declaration

    Swift

    func getRefreshTokenExpiry() throws -> Date?

    Return Value

    Refresh token expiry.

  • clearAuthTokens() Asynchronous

    Clears cached authentication tokens.

    Declaration

    Swift

    func clearAuthTokens() async throws
  • signOut() Asynchronous

    Signs out the user from this device only.

    Declaration

    Swift

    func signOut() async throws
  • globalSignOut() Asynchronous

    Signs out the user from all devices.

    Declaration

    Swift

    func globalSignOut() async throws
  • getIdentityId() Asynchronous

    Retrieves and returns the identity ID associated with the temporary credential used for accessing certain backend resources, e.g. large blobs stored in AWS S3.

    Declaration

    Swift

    func getIdentityId() async -> String?

    Return Value

    Identity ID.

  • Returns the specified claim associated with the user’s identity.

    Declaration

    Swift

    func getUserClaim(name: String) throws -> Any?

    Parameters

    name

    Claim name.

    Return Value

    The specified claim value. The value can be of any JSON-supported type. Safely cast it to the expected Swift type before using it, e.g. Dictionary, Array, String, Number or Bool.

  • isSignedIn() Asynchronous

    Indicates whether or not the client is signed in. The client is considered signed in if it currently caches valid ID and access tokens.

    Declaration

    Swift

    func isSignedIn() async throws -> Bool

    Return Value

    true if the client is signed in.

  • Returns the list of registration challenge types supported by the configured backend.

    Declaration

    Swift

    func getSupportedRegistrationChallengeType() -> [ChallengeType]

    Return Value

    List of supported registration challenge types.

  • Registers an observer for sign in status changes.

    Declaration

    Swift

    func registerSignInStatusObserver(id: String, observer: SignInStatusObserver) async

    Parameters

    id

    Unique ID to associate with the observer.

    observer

    Sign in status observer to register.

  • Deregisters an existing sign in status observer.

    Declaration

    Swift

    func deregisterSignInStatusObserver(id: String) async

    Parameters

    id

    ID of the observer to deregister.
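
The token lifetime guidance given above for refreshTokens(), getTokenExpiry() and getRefreshTokenExpiry() can be turned into a small maintenance routine. The following is an added example, not code from the SDK or its authors: the module name SudoUser, the TokenAction type, the function names and the margin values are assumptions, and only the SudoUserClient methods come from this page.

```swift
import Foundation
import SudoUser  // Assumption: the module that exports SudoUserClient.

/// Hypothetical helper type: what to do with the cached tokens.
enum TokenAction: Equatable {
    case keep      // ID/access tokens are comfortably valid
    case refresh   // ID/access tokens are near expiry, refresh token is usable
    case signIn    // refresh token is missing or near its own expiry
}

/// Pure policy function, so the decision can be unit-tested without a backend.
func decideTokenAction(
    now: Date,
    tokenExpiry: Date?,
    refreshTokenExpiry: Date?,
    accessMargin: TimeInterval,
    refreshMargin: TimeInterval
) -> TokenAction {
    // Refresh token missing or about to expire: sign in again for a new one.
    guard let refreshExpiry = refreshTokenExpiry,
          refreshExpiry.timeIntervalSince(now) > refreshMargin else {
        return .signIn
    }
    // Unknown or imminent ID/access token expiry: refresh proactively.
    guard let expiry = tokenExpiry,
          expiry.timeIntervalSince(now) > accessMargin else {
        return .refresh
    }
    return .keep
}

/// Applies the policy to a client. The default margins are illustrative.
func maintainTokens(
    client: SudoUserClient,
    accessMargin: TimeInterval = 5 * 60,
    refreshMargin: TimeInterval = 24 * 60 * 60
) async throws -> TokenAction {
    let tokenExpiry = try client.getTokenExpiry()
    let refreshExpiry = try client.getRefreshTokenExpiry()
    let action = decideTokenAction(
        now: Date(), tokenExpiry: tokenExpiry, refreshTokenExpiry: refreshExpiry,
        accessMargin: accessMargin, refreshMargin: refreshMargin)
    switch action {
    case .keep: break
    case .refresh: _ = try await client.refreshTokens()
    // Assumes key-based registration; a client registered with an external
    // provider would call signInWithAuthenticationProvider instead.
    case .signIn: _ = try await client.signInWithKey()
    }
    return action
}
```

The returned AuthenticationTokens are discarded on purpose so they never reach logs or call sites that do not need them; the client's own getters return the cached values when required.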