Authenticating with authorization headers in the Connect SDK for iOS
In the Connect SDK for the iOS platform, you can authenticate to a Pega® Platform application specifying values for authorization headers. Authorization headers are used by the OAuth 2.0 authorization protocol to allow client applications such as mobile apps to use third-party tokens to authenticate with a server. A method is available in the Connect SDK for iOS for this purpose.
Adding an authorization header
Use the setAuthorizationHeader()
method for the authenticationService
property to set a custom value for an authorization header. An authorization header is a type of custom header that you can use to authenticate with a server. For example, for basic authentication, you can add an authorization header with a value of MY_BASIC_HEADER_VALUE in the following way:
pegaApi.authenticationService.setAuthorizationHeader(header: "MY_BASIC_HEADER_VALUE");
The following code shown demonstrates how to authenticate to a Pega Platform application by using the authenticationService
property with an authorization header that has a value of Basic dGVzdC51c2VyOnBhc3N3b3Jk
.
let pegaApi = PMPegaApi(serverURL: URL(string: "http://sample.pega.com:8080/prweb/api/v1")!) pegaApi.authenticationService.setAuthorizationHeader(header: "Basic dGVzdC51c2VyOnBhc3N3b3Jk") // perform an action, for example, get case types
Authenticating without using an authorization header
If you do not need to use authorization headers to authenticate to a Pega Platform application, you can authenticate asynchronously by using the logIn()
method and specifying credentials in the following way:
let pegaApi = PMPegaApi(serverURL: URL(string: "http://sample.pega.com:8080/prweb/api/v1")!) pegaApi.authenticationService.logIn(user: "test.user", password: "password") { error in guard error == nil else { print("Login error: " + (error?.localizedDescription ?? "")) return } // perform an action, for example, get case types }
With this method of authenticating, the Connect SDK uses the basic authentication internally.