Enroll iOS device with CyberArk Identity using SDK

This topic enables your iOS device to enroll with CyberArk Identity and leverage the QR code and mobile push authentication using the SDK

The CyberArk Identity iOS SDK is enabled with an enrollment model that verifies an iOS device. The enrollment model allows you to build your iOS app with the ability to enroll new devices when a QR code or push authentication option is used for the web app login.



An access token should be generated for the user and used to send the API calls for device enrollment. The access token can be generated using the OIDC authorization code with PKCE grant.

The enrollment model is as follows:

let enrollProvider = EnrollmentProvider() 
  /// To enroll the device 
    func enrollDevice() { 
        do { 
            guard let config = plistValues(bundle: Bundle.main) else { return } 
            guard let data = try KeyChainWrapper.standard.fetch(key: KeyChainStorageKeys.grantCode.rawValue), let code = data.toString() , let refreshTokenData = try KeyChainWrapper.standard.fetch(key: KeyChainStorageKeys.refreshToken.rawValue),let refreshToken = refreshTokenData.toString() else { 
          enrollProvider.enroll(baseURL: config.systemurl) 
        } catch  { 
        //Handle error case here 

Add an observer to receive the enrolment response

The following observer code snippet allows the app to get the response from the CyberArk Identity enrollment API.

func addEnrollObserver(){
        enrollProvider.didReceiveEnrollmentApiResponse = { (result, message) in
            if result {
                       // Handle sucess case here
            }else {
                       // Handle error case