Integrate CyberArk Identity iOS SDK

This topic helps you to set up and install the iOS SDK into your mobile app and thus integrate with CyberArk Identity to provide strong authentication and authorization support to your app.

Step 1: Create an OAuth2.0 client (or) OpenID connect custom app

If you developed a public or confidential app to access CyberArk Identity services on behalf of an end-user, you need to create an OAuth 2.0 Client or OpenID Connect (OIDC)

For instructions on creating an OAuth 2.0 Client application in the Admin Portal, refer to
Authorization (Auth) Code Flow with PKCE.

📘

For public apps, such as native apps, the Authorization Code Flow with PKCE is recommended. To do this, select List (Apps > Web Apps > OAuth2 Client > General Usage > List) and add Allowed Clients in the Admin Portal

For instructions on creating an Open ID connect application in the Admin Portal, refer to
About OpenID Connect,
Add and configure the custom OpenID.

For public apps, such as native apps, the Authorization Code Flow with PKCE is recommended.

📘

The Redirect URI for the OAuth 2.0 client (or) OpenID connect should be "{auth_scheme}://{auth_host}/iOS/{YOUR_APP_PACKAGE_NAME}/redirectURICallback"

Step 2: Download the CyberArk Identity iOS SDK

Download the iOS sample app from GitHub and then unzip the file to your location. The sample app comes with the Identity.xcframework integrated.

Step 3: Adding Identity.xcframework into your Xcode project

In order to add the Identity.xcframework to your Xcode project follow the below steps:

1. Create an Xcode project
2. Right-click on the project explorer, and then select Add Files to your project
3. Browse to locate the SDK package(IdentityIntegrationApp > IdentitySDK > Identity.xcframework) which you have downloaded as part of sample app, and then click Add
4. Check the option Copy items if needed, and then click Finish

Step 4: Embed Identity.xcframework into the project target

Make sure that the framework is embedded into your app’s binary. To embed Identity.xcframework, refer to the following steps:

1. In Xcode, click the project root to navigate to your project settings.
2. Make sure that your target is selected, and that the General tab is open.
3. Select Embed & Sign for Frameworks.Libraries and Embedded.

Step 5: Create a plist file

To customize your app with CyberArk Identity SDK features, create a custom plist file with the name IdentityConfiguration.plist. The plist file contains configuration information that is essential to receive a callback from CyberArk Identity. Copy the XML snippet below and configure it with your account information:

<plist version="1.0">
<dict>
    <key>clientid</key>
    <string>{YOUR_CLIENT_ID}</string>
    <key>domainoauth</key>
    <string>{YOUR_TENANT_URL}</string>
    <key>systemurl</key>
    <string>{YOUR_SYSTEM_URL}</string>
    <key>applicationid</key>
    <string>{YOUR_APPLICATION_ID}</string>
    <key>redirecturi</key>
    <string>{URLSCHEME}://{bundleidentifier}</string>
    <key>scope</key>
    <string>{YOUR_SCOPE}</string>
    <key>threshold</key>
    <integer>{YOUR_THRESHOLD}</integer>
    <key>responsetype</key>
    <string>code</string>
    <key>loginurl</key>
    <string>{your_loginurl}</string>
    <key>widgetid</key>
    <string>{your_widgetid}</string>
    <key>mfatenanturl</key>
    <string>{your_mfatenanturl}</string>
</dict>
</plist>

Step 6: Add the URL Scheme to the project

After creating the plist file, define a callback (redirect URL scheme) in the app, which helps the app to exchange the authorization codes for access tokens. To add the callback URL scheme, refer the following steps:

1. Goto Xcode, select the root project >> target >> Info
2. Expand the URL Types section and set the Identifier value to $(PRODUCT_BUNDLE_IDENTIFIER) and URL Scheme to unique URL scheme with the desired name.