SFOAuthCredentials Class Reference
| Inherits from | NSObject |
|---|---|
| Conforms to | NSCopying NSSecureCoding |
| Declared in | SFOAuthCredentials.h |
Overview
Object representing an individual user account’s logon credentials.
This object represents information about a user account necessary to authenticate and reauthenticate against Salesforce.com servers using OAuth2. It includes information such as the user’s account ID, the protocol to use, and any session or refresh tokens assigned by the server.
The secure information contained in this object is persisted securely within the
device’s Keychain, and is accessed by using the identifier property.
Instances of this object are used to begin the authentication process, by supplying
it to an SFOAuthCoordinator instance which conducts the authentication workflow.
The credentials stored in this object include:
Consumer key and secret
Request token and secret
Access token and secret
Other Methods
protocol
Protocol scheme for authenticating this account.
@property (nonatomic, readonly, strong, nullable) NSString *protocolDeclared In
SFOAuthCredentials.h
domain
Logon host domain name.
@property (nonatomic, readonly, nullable) NSString *domainDiscussion
The domain used to initiate a user login, for example login.salesforce.com or test.salesforce.com. The default is login.salesforce.com.
Declared In
SFOAuthCredentials.h
identifier
Credential identifier used to uniquely identify this credential in the keychain.
@property (nonatomic, readonly, nonnull) NSString *identifierDiscussion
Warning: This property is used by many underlying internal functions of this class and therefore must not be set to a
nil or empty value prior to accessing properties or methods identified in the documentation regarding this prohibition.
Warning: This property must not be modified while authenticating.
Declared In
SFOAuthCredentials.h
clientId
Client consumer key.
@property (nonatomic, readonly, nullable) NSString *clientIdDiscussion
Identifies the client for remote authentication.
Warning: This property must not be nil or empty when authentication is initiated or an exception will be raised.
Warning: This property must not be modified while authenticating.
Declared In
SFOAuthCredentials.h
redirectUri
Callback URL to load at the end of the authentication process.
@property (nonatomic, readonly, nullable) NSString *redirectUriDiscussion
This must match the callback URL in the Remote Access object exactly, or authentication will fail.
Declared In
SFOAuthCredentials.h
jwt
JWT.
@property (nonatomic, readonly, nullable) NSString *jwtDiscussion
JWT code used in the client breeze link flow.
Warning: This property must not be modified while authenticating.
Warning: This property should be set to nil after authentication.
Declared In
SFOAuthCredentials.h
refreshToken
Token used to refresh the user’s session.
@property (nonatomic, readonly, nullable) NSString *refreshTokenDiscussion
This property is set by the SFOAuthCoordinator after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should use the revoke methods instead.
Exceptions
NSInternalInconsistencyException |
If this property is accessed when the identifier property is |
|---|
Declared In
SFOAuthCredentials.h
accessToken
The access token for the user’s session.
@property (nonatomic, readonly, nullable) NSString *accessTokenDiscussion
This property is set by the SFOAuthCoordinator after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should use the revoke methods instead.
Exceptions
NSInternalInconsistencyException |
If accessed while the identifier property is |
|---|
Declared In
SFOAuthCredentials.h
beaconChildConsumerSecret
@property (nonatomic, readonly, nullable) NSString *beaconChildConsumerSecret organizationId
A readonly convenience property returning the Salesforce Organization ID provided in the path component of the identityUrl.
@property (nonatomic, readonly, nullable) NSString *organizationIdDiscussion
This property is available after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should not set this property.
Exceptions
NSInternalInconsistencyException |
If accessed while the identifier property is |
|---|
Declared In
SFOAuthCredentials.h
instanceUrl
The URL of the server instance for this session. This URL always refers to the base organization
instance, even if the user has logged through a community-based login flow.
See community_id and community_url.
@property (nonatomic, readonly, nullable) NSURL *instanceUrlDiscussion
This is the URL that client requests should be made to after authentication completes.
This property is set by the SFOAuthCoordinator after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should not set this property.
Declared In
SFOAuthCredentials.h
apiInstanceUrl
The URL of the SFAP server instance for this session.
@property (nonatomic, readonly, nullable) NSURL *apiInstanceUrlDiscussion
This is the URL that client SFAP requests should be made to after authentication completes.
This property is set by the SFOAuthCoordinator after authentication has successfully completed.
This URL is only defined when sfap_api scope is used.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should not set this property.
Declared In
SFOAuthCredentials.h
communityId
The community ID the user choose to log into. This usually happens when the user logs into the app using a community-based login page
@property (nonatomic, readonly, nullable) NSString *communityIdDiscussion
Note: this property is nil of the user logs into the internal community or into an org that doesn’t have communities.
Declared In
SFOAuthCredentials.h
communityUrl
The community-base URL the user choose to log into. This usually happens when the user logs into the app using a community-based login page
@property (nonatomic, readonly, nullable) NSURL *communityUrlDiscussion
Note: this property is nil if the user logs into the internal community or into an org that doesn’t have communities.
Declared In
SFOAuthCredentials.h
issuedAt
The timestamp when the session access token was issued.
@property (nonatomic, readonly, nullable) NSDate *issuedAtDiscussion
This property is set by the SFOAuthCoordinator after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should not set this property.
Declared In
SFOAuthCredentials.h
identityUrl
The identity URL for the user returned as part of a successful authentication response. The format of the URL is: https://login.salesforce.com/ID/orgID/userID where orgId is the ID of the Salesforce organization that the user belongs to, and userID is the Salesforce user ID.
@property (nonatomic, readonly, nullable) NSURL *identityUrlDiscussion
This property is set by the SFOAuthCoordinator after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should not set this property.
Declared In
SFOAuthCredentials.h
apiUrl
The community URL, if present. The instance URL, otherwise.
@property (nonatomic, readonly, nullable) NSURL *apiUrlDeclared In
SFOAuthCredentials.h
userId
A readonly convenience property returning the first 15 characters of the Salesforce User ID provided in the final path component of the identityUrl.
@property (nonatomic, readonly, nullable) NSString *userIdDiscussion
This property is available after authentication has successfully completed.
Warning: The setter for this property is exposed publicly only for unit tests. Client code should not set this property.
Declared In
SFOAuthCredentials.h
encrypted
Determines if sensitive data such as the refreshToken and accessToken are encrypted
@property (nonatomic, readonly, getter=isEncrypted) BOOL encryptedDeclared In
SFOAuthCredentials.h
additionalOAuthFields
A dictionary containing key-value pairs for any of the keys provided via the additionalOAuthParameterKeys property of SFUserAccountManager. If a key does not match a value in the parsed response, then it will not exist in the dictionary.
@property (nonatomic, readonly, nullable) NSDictionary *additionalOAuthFieldsDeclared In
SFOAuthCredentials.h
Initialization
– initWithIdentifier:clientId:encrypted:
Initializes an authentication credential object with the given identifier and client ID.
- (_Nullable instancetype)initWithIdentifier:(NSString *_Nonnull)theIdentifier clientId:(NSString *_Nullable)theClientId encrypted:(BOOL)encryptedParameters
theIdentifier |
An identifier for this credential instance. |
|---|---|
theClientId |
The client ID (also known as consumer key) to be used for the OAuth session. |
encrypted |
Determines if the sensitive data like refreshToken and accessToken should be encrypted |
Return Value
An initialized authentication credential object.
Discussion
The identifier uniquely identifies the credentials object within the device’s secure keychain. The client ID identifies the client for remote authentication.
Declared In
SFOAuthCredentials.h
– initWithIdentifier:clientId:encrypted:storageType:
Initializes an authentication credential object with the given identifier and client ID. This is the designated initializer.
- (_Nullable instancetype)initWithIdentifier:(NSString *_Nonnull)theIdentifier clientId:(NSString *_Nullable)theClientId encrypted:(BOOL)encrypted storageType:(SFOAuthCredentialsStorageType)typeParameters
theIdentifier |
An identifier for this credential instance. |
|---|---|
theClientId |
The client ID (also known as consumer key) to be used for the OAuth session. |
encrypted |
Determines if the sensitive data like refreshToken and accessToken should be encrypted |
type |
Indicates whether the OAuth credentials are stored in the keychain |
Return Value
An initialized authentication credential object.
Discussion
If type is set to SFOAuthCredentialsStorageTypeKeychain, the given identifier uniquely identifies the credentials object within that keychain.
The client ID identifies the client for remote authentication.
Declared In
SFOAuthCredentials.h
– revoke
Revoke the OAuth access and refresh tokens.
- (void)revokeDiscussion
Warning: Calling this method when the identifier property is nil will raise an NSInternalInconsistencyException.
Declared In
SFOAuthCredentials.h
– revokeAccessToken
Revoke the OAuth access token.
- (void)revokeAccessTokenExceptions
NSInternalInconsistencyException |
If called when the identifier property is |
|---|
Declared In
SFOAuthCredentials.h
– revokeRefreshToken
Revoke the OAuth refresh token.
- (void)revokeRefreshTokenExceptions
NSInternalInconsistencyException |
If called while the identifier property is |
|---|
Declared In
SFOAuthCredentials.h
– getClientIdForRefresh
Returns the oauth client id to use for refresh In the case of beacon app, the beacon child consumer key returned during login should be used instead of the configured consumer key
- (NSString *)getClientIdForRefreshDeclared In
SFOAuthCredentials.h
Extension Methods
credentialsChangeSet
@property (nonatomic, readwrite, nullable) NSMutableDictionary *credentialsChangeSet– setPropertyForKey:withValue:
- (void)setPropertyForKey:(NSString *_Nonnull)key withValue:(id _Nullable)newValue– resetCredentialsChangeSet
Reset changes to credentials, called at the end of auth flow.
- (void)resetCredentialsChangeSetDeclared In
SFOAuthCredentials+Internal.h