I'm creating an app where the user has to login and can use FaceID or TouchID to speed up the log in process.
Using FaceID or TouchID for the login can be enabled or disabled in the internal settings of the application.
When first using TouchID/FaceID the user has to grant these permissions to the app. I want that this permission request dialog appears as soon as the user enables biometric authentication in the app settings and not right before the user logs in using it.
I didn't find anything with google so I doubt this is even possible.
This is possible if you prompt the user to perform Touch or Face ID when the feature is enabled within the app.
As far as I know, there is no other way to trigger this permission prompt.
Related
We have added the face id description key in plist
NSFaceIDUsageDescription
This app requires Face ID permission to authenticate using Face recognition.
We are getting system pop up for accessing face id we want to dismiss that pop up.
Please see the pop up in image:
Unfortunately, you can't do it.
It's not under developer control. If you've added Face-ID authentication code in you application, then during first time application launch, it will prompt user to grant your app, face-id authentication.
And you must provide a privacy statement in info.plist, describing user in brief, for what purpose you need access to use face-id authentication.
Here is more detail about data security and user permission for private data access:
iOS 11.0 Security
In short, You can't skip this popup, if you've added code to access private information.
I'm creating a book library app, where people buy an account and become able to read all the books...
In the past, we were able to get the UDID of the iOS device and the login only works from this specific UDID.. now apple prevents this, another solutions were there like OPEN-UDID but now doesn't work...
Are there any other means to prevent the user from giving the credentials to another people??
The only solution on top of my head now is this :-
When a user login, a flag on the server becomes true, and when another account try to login using the same credentials, it will show an error message "you are already logged in on another device".. when the original user logs out, the flag becomes false.. this will prevent the account from being used on multiple devices at the same time.. but the drawback is, what if the user unInstalls the app without logging out?
Is there a research on this topic that covers all these scenarios?
Is there a way to use apple keychain or iCloud or any other solution ?
What you can do is on new login invalidate api request(and send them to login screen) of previous login you can use device token with each api to check if you want to send data to device or it's a old login token and needs redirect to login. you have to just store a device token for each account login if it matches then send data else redirect to login
Edit 1:
if you uninstall the app then you have to login again from other device to access the books(data) and in each login you'll replace the old token with new one. Now only device which has this new token can access books. All other device if there are any login left in any device then they will get message from API that token not matched and you have to redirect them to login page again
I am using Cognito to signup/signin users from my iOS swift Mobile App. It seems that after login, a temporary token is provided. Until the token expires, the user does not need to signin when he relaunches it.
My use case is that I always want my users to sign in when they launch the app. Does anyone knows how to customise Cognito for this kind of behaviour ?
I do not want to force log out when the users kill the app, because there are several other cases for which I won't be able to log out (during crash for instance)
The SDK can clear login state, perhaps you could store a timer for the last time they did sign in? Then when the app spins up, check that timer, and if it's above some threshold you could clear the login state and ask them to sign in again? That could handle a quick close and re-open.
Google's login integration guide for iOS does not actually describe the possibility of programmatically switching accounts.
My requirement is to allow the user to switch their Google account, but if they choose to cancel the switch then they should stay logged in with their current credentials. Youtube already do this but I can see they're using a custom built screen instead of the default account selection screen.
What I've done so far is to call this when user taps account image
GIDSignIn.sharedInstance().signOut()
GIDSignIn.sharedInstance().signIn()
which prompts the account selection screen each time, with the disadvantage that, of course, if the user cancels, they will be signed out of the app. There must be a way to preserve the authorisation token in the Keychain, but I don't know they key for it in order to trigger the save before displaying the screen. Is there an easier way to go about this?
I am developing an enterprise application which has user authentication which will be validated at the server side whenever user tries to login through web-service.
I have got a requirement to use iOS touch id for authentication as Apple released the API for 3rd party apps from iOS8.
I could able to find the tutorials on How to use the Touch ID for local authentication, but I am not able to understand how to map my user credentials with the Touch ID.
The exact requirement is user should be able to login to the application with Fingerprint Scanner i.e. using Touch ID but the backend validation should also happen.
How to map the User credentials with the Touch ID finger print? is it possible? if YES, where to store the mapping on local or server side?
Could anyone please help me to understand/implement the same.
Thanks in advance.
Working with TouchID is very easy, For your cases, There is two ways to authenticate user:-
Assumption:- When user is login, we are on application end storing secret token which helps us to validate user.
Using TouchID(iOS 8):-
Using Touch ID, we will get success call back from LAContext user authentication methods if user fingerprints are valid. After that we can acknowledge server directly if required & no required to validate user on server as it is already validate them self using fingerprint scanning.
We must be need to handle authentication fallback mechanism to handle such scenario like "failed to detect finger prints, etc.", In that case we need to authenticate user using Custom PIN or Device Passcode.
Custom PIN/Device Passcode(iOS 9):-
We can either user Custom PIN or Device passcode to authenticate user.
If we are authenticate user with Custom PIN than we required to store user authentication PIN on server & authenticate user every time when access application from background.
If we are authenticate user using Device Passcode(iOS 9), When user enter correct PIN, we will get success call in LAContext user authentication method. After that we can acknowledge server or directly give application access to user.