Hi guys,
We have a website that stores user information, and a mobile app (iOS). We tried using native sign in on iOS which works and gives back a jwt. However, we need to be able to verify that this jwt is valid (dont want to blindly trust it), which we don’t seem to have a way. We had firebase previously that did token exchange, but I don’t see a way to do this with iOS sdk… where token was returned, upon login, we passed to our back end to generate jwt token. What’s the right flow here with Auth0?
Also registration is another issue. We run native ios SDK code, which does register, however our back end is not notified, which means we never know the user was created. Should we be doing something else? Or is it some sort of configuration setting in auth0 website?
Auth0
.authentication()
.login(
usernameOrEmail: email,
password: password,
realm: "Username-Password-Authentication",
scope: "openid profile email")
.start { result in
DispatchQueue.main.async {
switch result {
case .success(let credentials):
callback(credentials.accessToken, nil)
case .failure(let error):
callback(nil, error)
}
}
}
Auth0
.authentication()
.createUser(
email: email,
password: password,
connection: "Username-Password-Authentication",
userMetadata: ["first_name": first,
"last_name": last]
)
.start { result in
DispatchQueue.main.async {
switch result {
case .success(let user):
callback(user.email, nil)
case .failure(let error):
callback(nil, error)
}
}
}