Using Lock swift with authorization code grant

We are trying to integrate Autho0 login with our mobile app (native iOS - swift) and we are having some issues figuring out the correct way to do it.

The plan is to use Lock, to present an in-app login UI (we don’t want the user to leave our app during login) since that seems to offer a semi-customizable UI presented in app and doesn’t require us to implement the whole login flow ourselves. At least that’s the theory.

Currently this is working fine by using the password grant, but from what I understand the documentation, this is not recommended for native mobile apps and we should be using authorization code grant with PKCE instead. Is this correct? Does Lock support this type of login, and how do we use it if it does?

Hey there @r00li!

That is totally correct. When going for native mobile app you should use the Proof Key for Code Exchange (PKCE) OAuth 2.0 grant. Here’s more on that:

and here’s more on the implementation itself:

Let me know if that helps!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.