Auth0 Home Blog Docs

How to handle saved username in IOS Core Data?



What is the best way to re-authenticate a user from a username / email saved in IOS’s core data?
The idea is to save the username after the user has logged in, and then keep using that username until they logout. The difficulty we are facing is twofold:

  1. The credentials returned from Lock.onAuth() don’t include user info so we immediately call Auth.authentication().tokenInfo(token: credentials.idToken!) to get user information. This seems inefficient.
    Should we just parse the JWT in idToken?

  2. On the IOS application startup , if we find a saved username in Core Data, how do we authenticate and get an idToken with just the username?

And a related question: Why is the option to “Remember Me” not available in IOS?



You can validate and parse the ID token to get information about the user straight from the token without having to perform an additional request. If you’re using the most recent authentication endpoints that are OIDC compliant then the information contained in the token, by default, will be the standard OpenID Connect claims that you requested. If you want to include additional custom information in the ID token see OIDC - Custom Claims.


You cannot obtain a new ID token just from using a username. Given this is a mobile application you should be able to use an authentication flow that supports refresh tokens. You could then request that a refresh token be issued when the user first authenticates; this would then allow you to refresh the ID token and access tokens that you were initially issued. For reference information on refresh tokens see this documentation page.