NOTE regarding iOS 9:
Apple has released iOS 9 which includes support for App Transport Security (ATS). ATS restricts apps from accessing the internet unless they meet several security requirements incuding TLS 1.2 and SHA-256. While Microsoft's APIs support these standards some third party APIs and content delivery networks we use have yet to be upgraded. This means that any app that relies on Azure Active Directory or Microsoft Accounts will fail when compiled with iOS 9. For now our recommendation is to disable ATS, which reverts to iOS 8 functionality. Please refer to this technote from Apple for more informtaion.
This sample shows how to build an iOS application that calls a web API that requires a Work Account for authentication. This sample uses the Active Directory authentication library for iOS to do the interactive OAuth 2.0 authorization code flow with public client.
Getting started with the sample is easy. It is configured to run out of the box with minimal setup. If you'd like a more detailed walkthrough including how to setup the REST API and register an Azure AD Directory follow the walk-through here.
$ git clone email@example.com:Azure-Samples/active-directory-ios.git
CocoaPods is the dependency manager for Swift and Objective-C Cocoa projects. It has thousands of libraries and can help you scale your projects elegantly. To install on OS X 10.9 and greater simply run the following command in your terminal:
$ sudo gem install cocoapods
Run the following command in your terminal:
$ pod install
This will download and build ADAL for iOS for you and configure your Microsoft Tasks B2C.xcodeproj to use the correct dependencies.
You should see the following output:
$ pod install Analyzing dependencies Pre-downloading: `ADALiOS` from `https://github.com/Azure-Samples/azure-activedirectory-library-for-objc.git`, branch `B2C-ADAL` Downloading dependencies Installing ADALiOS (1.2.2) Generating Pods project Integrating client project [!] Please close any current Xcode sessions and use `Microsoft Tasks.xcworkspace` for this project from now on.
Launch XCode and load the
Microsoft Tasks.xcworkspace file. The application will run in an emulator as soon as it is loaded.
In order to securely launch your applications in certain SSO scenarios we require that you create a Redirect URI in a particular format. A Redirect URI is used to ensure that the tokens return to the correct application that asked for them.
The iOS format for a Redirect URI is:
An example would be: mstodo://com.microsoft.windowsazure.activedirectory.samples.microsofttasks
You will need to configure your application to work with the Azure AD tenant you've created. Under "Supporting Files"you will find a settings.plist file. It contains the following information:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>authority</key> <string>https://login.microsoftonline.com/common</string> <key>clientId</key> <string>xxxxxxx-xxxxxx-xxxxxxx-xxxxxxx</string> <key>resourceString</key> <string>https://localhost/todolistservice</string> <key>redirectUri</key> <string>mstodo://com.microsoft.windowsazure.activedirectory.samples.microsofttasks</string> <key>userId</key> <string>firstname.lastname@example.org</string> <key>taskWebAPI</key> <string>https://localhost/api/todolist/</string> </dict> </plist>
Replace the information in the plist file with your Web API settings.
The current defaults are set up to work with our Azure Active Directory Sample REST API Service for Node.js. You will need to specify the clientID of your Web API, however. If you are running your own API, you will need to update the endpoints as required.