Token Management
How the iOS SDK manages your user's tokens
Use Passage Token Store
When you create an instance of Passage you also get an instance of PassageStore , unless you choose to opt out of this functionality (see Manage tokens yourself). Anytime your user successfully registers or logs in, their auth token and refresh token (if applicable) are stored securely on their device.
Get auth token
You can access the current auth token this way:
Check if auth token is expired
You can check if the auth token is expired like this:
Refresh auth token
If you've setup refresh tokens in your app (strongly recommended), you can refresh your auth token like this:
Note that calling passage.refresh() will store your new auth token on the device.
Sign out user and remove tokens from device
When you call passage.signOut(), the user's tokens are removed from the device.
How are tokens stored?
Your user's auth token and refresh token are both stored on device using Apple's Keychain API. When you sign out your user, the refresh token is revoked on the server and both tokens are removed from the device.
Manage tokens yourself
If you would prefer to manage tokens yourself and not use Passage Token Store, you can use the PassageAuth static methods instead.
Get tokens from auth methods
Any successful authentication call you make (see Passkey Authentication and Fallback Authentication) returns an AuthResult which contains your user's auth token and refresh token.
For example:
You can then store and mange them however you choose.
Authenticate Passage requests
To make an authenticated Passage user request, simply use the PassageAuth static methods and pass the token. For example, to initiate a user email change:
Refresh and revoke tokens
You can use the PassageToken methods to refresh or revoke tokens like this:
Last updated