Skip to main content
Version: Next

Establishing delegated authentication

The establishAuthentication method facilitates the authentication of users managed by your identity provider.

This method requires two parameters. The first parameter must be a string that uniquely identifies the user, and the second parameter is a closure that receives a string as input and outputs a string.

Inside the provided closure, you must send the input string to the designated backend endpoint within your domain to initiate authentication. Upon success, the request should return a string that must be returned from the closure.

If the Vipaso SDK successfully establishes authentication for the provided user, it triggers a callback through the VipasoDelegate.onAuthenticationStateChange method with the updated authentication state.

do {
    try await vipaso.user.delegated.establishAuthentication(
        userIdentifier: userIDString,
        connect: { jwk in
            // JWK is a JSON Web Key provided by the Vipaso SDK
            // Send the JWK to the dedicated backend endpoint in your domain
            // Your backend processes the JWK and returns an encrypted token
            
            // Example implementation:
            return try await yourBackendService.processJWK(jwk)
        }
    )
    // Authentication established successfully
} catch {
    // Handle authentication error
    print("Delegated authentication failed: \(error.localizedDescription)")
}

Expect the outcome in the callback at:

extension VipasoAuthenticationConsumer: VipasoDelegate {
  
  ...
	
  func onAuthenticationStateChange(vipaso: VipasoSDKProtocol, authenticated: Bool) {
    if authenticated {
        // Handle successful authentication
    } else {
        // Handle authloss/unauthenticated cases for Vipaso SDK
    }
  }
  ...
  
}