OAuth - codepath/ios_guides GitHub Wiki

Overview

OAuth is an authentication and authorization framework that lets Internet users log into third-party websites with their Google, Facebook, Twitter or other accounts without exposing their password. Put simply, OAuth enables the "Login with Facebook Account (or other social accounts)" option in third-party apps. When you authenticate to an app using a social account, OAuth defines mechanisms by which certain user permissions are delegated to the app. For example, the app may have permission to query your Facebook page to retrieve your name, profile picture and other details, which it can then use to create your profile page in the app. Apps typically do this by querying APIs exposed by the service.

Implementing OAuth in an iOS app

Note: This page previously walked through registering a Twitter app and building an OAuth client against Twitter's free API tier. X (formerly Twitter) no longer offers a free consumer tier for new API registrations, so that walkthrough was removed.

To implement an OAuth login flow in an iOS app, use Apple's AuthenticationServices framework: ASWebAuthenticationSession presents the provider's login page in a secure system browser session and hands the callback URL (with the authorization code) back to your app. Many providers also ship official SDKs that wrap this flow for you.
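
The flow described above, as an added Swift example that is not part of the original guide or any provider SDK: it starts an `ASWebAuthenticationSession`, then checks the callback's `state` before accepting the authorization code. It goes one step beyond the text by also sending a PKCE challenge. The endpoint, client ID, `myapp` scheme and the `OAuthLogin` and `OAuthError` names are assumed placeholders.

```swift
import AuthenticationServices
import CryptoKit

enum OAuthError: Error { case stateMismatch, missingCode }
final class OAuthLogin: NSObject, ASWebAuthenticationPresentationContextProviding {
    // Assumed placeholders: substitute your provider's endpoint, client ID and redirect URI.
    private let authorizeEndpoint = "https://auth.example.com/oauth/authorize"
    private let clientID = "YOUR_CLIENT_ID"
    private let redirectURI = "myapp://oauth/callback"
    private let anchor: ASPresentationAnchor
    private var session: ASWebAuthenticationSession?   // keep a strong reference while presented
    private(set) var codeVerifier = ""                  // sent with the later token request (PKCE)
    init(anchor: ASPresentationAnchor) { self.anchor = anchor }
    func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor { anchor }
    // URL-safe, unpadded base64 as required for PKCE values (RFC 7636).
    private static func base64URL(_ data: Data) -> String {
        data.base64EncodedString().replacingOccurrences(of: "+", with: "-")
            .replacingOccurrences(of: "/", with: "_").replacingOccurrences(of: "=", with: "")
    }
    private static func randomToken() -> String {
        var bytes = [UInt8](repeating: 0, count: 32)
        precondition(SecRandomCopyBytes(kSecRandomDefault, bytes.count, &bytes) == errSecSuccess)
        return base64URL(Data(bytes))
    }

    func start(completion: @escaping (Result<String, Error>) -> Void) {
        let state = Self.randomToken()
        codeVerifier = Self.randomToken()
        let challenge = Self.base64URL(Data(SHA256.hash(data: Data(codeVerifier.utf8))))
        var url = URLComponents(string: authorizeEndpoint)!
        url.queryItems = [("response_type", "code"), ("client_id", clientID),
                          ("redirect_uri", redirectURI), ("state", state),
                          ("code_challenge", challenge), ("code_challenge_method", "S256")]
            .map { URLQueryItem(name: $0.0, value: $0.1) }
        let session = ASWebAuthenticationSession(url: url.url!, callbackURLScheme: "myapp") { callback, error in
            if let error = error { return completion(.failure(error)) }
            let items = callback.flatMap { URLComponents(url: $0, resolvingAgainstBaseURL: false) }?.queryItems ?? []
            // Reject a callback whose state differs from the value sent with this request.
            guard items.first(where: { $0.name == "state" })?.value == state else {
                return completion(.failure(OAuthError.stateMismatch))
            }
            guard let code = items.first(where: { $0.name == "code" })?.value else { return completion(.failure(OAuthError.missingCode)) }
            completion(.success(code))
        }
        session.presentationContextProvider = self
        session.prefersEphemeralWebBrowserSession = true   // no cookies shared with Safari (also disables SSO)
        self.session = session
        session.start()
    }
}
```

The returned code is only useful once exchanged at the provider's token endpoint together with `codeVerifier`; store the resulting tokens in the Keychain rather than in `UserDefaults`.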