Documentation
Swift (iOS)
Native sign-in with ASWebAuthenticationSession and PKCE.
Warning
Mobile apps are typically public clients. Do not embed
YOUR_CLIENT_SECRET in the IPA. Prefer a backend token exchange or a public client provisioned by Radiant Networks.Auth.swift
import AuthenticationServices
// Public native clients use PKCE and must NOT ship YOUR_CLIENT_SECRET.
// Ask Radiant Networks for a public client_id if you need mobile OAuth.
func signIn() {
let verifier = randomURLSafe(32)
let challenge = sha256Base64Url(verifier)
let state = randomURLSafe(16)
var comps = URLComponents(string: "https://auth.rdnt.live/api/auth/oauth2/authorize")!
comps.queryItems = [
.init(name: "response_type", value: "code"),
.init(name: "client_id", value: "YOUR_CLIENT_ID"),
.init(name: "redirect_uri", value: "yourapp://auth/callback"),
.init(name: "scope", value: "openid profile email offline_access"),
.init(name: "state", value: state),
.init(name: "code_challenge", value: challenge),
.init(name: "code_challenge_method", value: "S256"),
]
let session = ASWebAuthenticationSession(
url: comps.url!,
callbackURLScheme: "yourapp"
) { callbackURL, error in
// Validate state, then POST code + code_verifier to /oauth2/token
// Prefer exchanging on your backend if the client is confidential
}
session.start()
}