Version: 7.0

Getting Started with Auth Connect

Generate the Application

Before we explore the use of Auth Connect, we need to scaffold an application. In this section, we will generate an @ionic/vue tabs based application, perform some basic configuration, and add the iOS and Android platforms.

Terminal


_10ionic start getting-started-ac tabs --type=vue

Use the Ionic CLI to generate the application.

Terminal


_10ionic start getting-started-ac tabs --type=vue
_10cd getting-started-ac

Change directory into the newly generated project.

Terminal

capacitor.config.ts


_12import { CapacitorConfig } from '@capacitor/cli';
_12
_12const config: CapacitorConfig = {
_12  appId: 'io.ionic.gettingstartedac',
_12  appName: 'getting-started-ac',
_12  webDir: 'dist',
_12  server: {
_12    androidScheme: 'https',
_12  },
_12};
_12
_12export default config;

Change the appId to be something unique. The appId is used as the bundle ID / application ID. Therefore it should be a string that is unique to your organization and application. We will use io.ionic.gettingstartedac for this application.

It is best to do this before adding the iOS and Android platforms to ensure they are setup properly from the start.

Terminal

capacitor.config.ts


_10ionic start getting-started-ac tabs --type=vue
_10cd getting-started-ac
_10npm run build
_10ionic cap add android
_10ionic cap add ios

Build the application and install the platforms.

Terminal

capacitor.config.ts

package.json


_15{
_15  "name": "getting-started-ac",
_15  "version": "0.0.1",
_15  "author": "Ionic Framework",
_15  "homepage": "https://ionicframework.com/",
_15  "scripts": {
_15    "dev": "vite",
_15    "build": "vue-tsc && vite build && cap sync",
_15    "preview": "vite preview",
_15    "test:e2e": "cypress run",
_15    "test:unit": "vitest",
_15    "lint": "eslint"
_15  },
_15  ...
_15}

We should do a cap sync with each build. This ensures our native projects remain up to date. Change the scripts in package.json to do this.

Terminal

capacitor.config.ts

package.json

vite.config.ts


_21import legacy from '@vitejs/plugin-legacy';
_21import vue from '@vitejs/plugin-vue';
_21import path from 'path';
_21import { defineConfig } from 'vite';
_21
_21// https://vitejs.dev/config/
_21export default defineConfig({
_21  plugins: [vue(), legacy()],
_21  resolve: {
_21    alias: {
_21      '@': path.resolve(__dirname, './src'),
_21    },
_21  },
_21  server: {
_21    port: 8100,
_21  },
_21  test: {
_21    globals: true,
_21    environment: 'jsdom',
_21  },
_21});

Modify the vite.config.ts file to ensure that the development server (npm run dev) uses port 8100.

Use the Ionic CLI to generate the application.

Change directory into the newly generated project.

It is best to do this before adding the iOS and Android platforms to ensure they are setup properly from the start.

Build the application and install the platforms.

We should do a cap sync with each build. This ensures our native projects remain up to date. Change the scripts in package.json to do this.

Modify the vite.config.ts file to ensure that the development server (npm run dev) uses port 8100.

Terminal


_10ionic start getting-started-ac tabs --type=vue

Install Auth Connect

In order to install Auth Connect, you will need to use ionic enterprise register to register your product key. This will create a .npmrc file containing the product key.

If you have already performed that step for your production application, you can just copy the .npmrc file from your production project. Since this application is for learning purposes only, you don't need to obtain another key.

You can now install Auth Connect and sync the platforms:

Terminal


_10npm install @ionic-enterprise/auth
_10npx cap sync

Create the `Authentication` Composable

All interaction with Auth Connect will be abstracted into an Authentication Composable. Create a src/composables directory. Then create a src/composables/authentication.ts file containing the shell of our composable.

src/composables/authentication.ts


_10export const useAuthentication = () => ({});

Setup and Initialization

Before we use Auth Connect, we need to make sure that it is properly set up and initialized.

src/composables/authentication.ts

src/main.ts


_10export const useAuthentication = () => ({});

We will build the composable up to perform the setup and initialization required by Auth Connect.

src/composables/authentication.ts

src/main.ts


_10import { Capacitor } from '@capacitor/core';
_10
_10const isNative = Capacitor.isNativePlatform();
_10
_10export const useAuthentication = () => ({});

Auth Connect needs a slightly different configuration between mobile and web, so we need to know in which context we are currently running.

src/composables/authentication.ts

src/main.ts


_10import { Capacitor } from '@capacitor/core';
_10import { Auth0Provider } from '@ionic-enterprise/auth';
_10
_10const isNative = Capacitor.isNativePlatform();
_10const provider = new Auth0Provider();
_10
_10export const useAuthentication = () => ({});

For this tutorial, we are using Auth0 as the authentication vendor. We need to create an Auth0Provider to help Auth Connect with the communication with Auth0.

src/composables/authentication.ts

src/main.ts


_21import { Capacitor } from '@capacitor/core';
_21import { Auth0Provider, ProviderOptions } from '@ionic-enterprise/auth';
_21
_21const isNative = Capacitor.isNativePlatform();
_21const provider = new Auth0Provider();
_21
_21const authOptions: ProviderOptions = {
_21  audience: 'https://io.ionic.demo.ac',
_21  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_21  discoveryUrl:
_21    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_21  logoutUrl: isNative
_21    ? 'io.ionic.acdemo://auth-action-complete'
_21    : 'http://localhost:8100/auth-action-complete',
_21  redirectUri: isNative
_21    ? 'io.ionic.acdemo://auth-action-complete'
_21    : 'http://localhost:8100/auth-action-complete',
_21  scope: 'openid offline_access email picture profile',
_21};
_21
_21export const useAuthentication = () => ({});

Auth Connect needs to know how to communicate with our authentication vendor. You will likely need to get this information from the team that manages your cloud infrastructure.

src/composables/authentication.ts

src/main.ts


_38import { Capacitor } from '@capacitor/core';
_38import {
_38  Auth0Provider,
_38  AuthConnect,
_38  ProviderOptions,
_38} from '@ionic-enterprise/auth';
_38
_38const isNative = Capacitor.isNativePlatform();
_38const provider = new Auth0Provider();
_38
_38const authOptions: ProviderOptions = {
_38  audience: 'https://io.ionic.demo.ac',
_38  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_38  discoveryUrl:
_38    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_38  logoutUrl: isNative
_38    ? 'io.ionic.acdemo://auth-action-complete'
_38    : 'http://localhost:8100/auth-action-complete',
_38  redirectUri: isNative
_38    ? 'io.ionic.acdemo://auth-action-complete'
_38    : 'http://localhost:8100/auth-action-complete',
_38  scope: 'openid offline_access email picture profile',
_38};
_38
_38export const useAuthentication = () => ({
_38  initializeAuthentication: async (): Promise<void> =>
_38    AuthConnect.setup({
_38      platform: isNative ? 'capacitor' : 'web',
_38      logLevel: 'DEBUG',
_38      ios: {
_38        webView: 'private',
_38      },
_38      web: {
_38        uiMode: 'popup',
_38        authFlow: 'PKCE',
_38      },
_38    }),
_38});

We need to perform a one-time setup with Auth Connect. Please refer to the documentation if you have any questions about the individual properties. We will start here with a simple set up that is good for development.

src/composables/authentication.ts

src/main.ts


_34import { createApp } from 'vue';
_34import App from './App.vue';
_34import router from './router';
_34
_34import { IonicVue } from '@ionic/vue';
_34
_34/* Core CSS required for Ionic components to work properly */
_34import '@ionic/vue/css/core.css';
_34
_34/* Basic CSS for apps built with Ionic */
_34import '@ionic/vue/css/normalize.css';
_34import '@ionic/vue/css/structure.css';
_34import '@ionic/vue/css/typography.css';
_34
_34/* Optional CSS utils that can be commented out */
_34import '@ionic/vue/css/padding.css';
_34import '@ionic/vue/css/float-elements.css';
_34import '@ionic/vue/css/text-alignment.css';
_34import '@ionic/vue/css/text-transformation.css';
_34import '@ionic/vue/css/flex-utils.css';
_34import '@ionic/vue/css/display.css';
_34
_34/* Theme variables */
_34import '@ionic/vue/css/palettes/dark.system.css';
_34import './theme/variables.css';
_34
_34import { useAuthentication } from '@/composables/authentication';
_34const { initializeAuthentication } = useAuthentication();
_34
_34initializeAuthentication().then(async () => {
_34  const app = createApp(App).use(IonicVue).use(router);
_34  await router.isReady();
_34  app.mount('#app');
_34});

Modify src/main.ts to ensure Auth Connect is initialized prior to creating and mounting the application.

We will build the composable up to perform the setup and initialization required by Auth Connect.

Auth Connect needs a slightly different configuration between mobile and web, so we need to know in which context we are currently running.

For this tutorial, we are using Auth0 as the authentication vendor. We need to create an Auth0Provider to help Auth Connect with the communication with Auth0.

Auth Connect needs to know how to communicate with our authentication vendor. You will likely need to get this information from the team that manages your cloud infrastructure.

Modify src/main.ts to ensure Auth Connect is initialized prior to creating and mounting the application.

src/composables/authentication.ts

src/main.ts


_10export const useAuthentication = () => ({});

Create the `auth-action-complete` Page

Note that the logoutUrl and redirectUri properties are using the /auth-action-complete route. Create a page for the route. The page does not have to do much. We will just display a spinner in case someone sees it momentarily.

src/views/AuthActionCompletePage.vue


_23<template>
_23  <ion-content class="main-content">
_23    <div class="container">
_23      <ion-spinner name="dots"></ion-spinner>
_23    </div>
_23  </ion-content>
_23</template>
_23
_23<script setup lang="ts">
_23import { IonContent, IonSpinner } from '@ionic/vue';
_23</script>
_23
_23<style scoped>
_23.container {
_23  text-align: center;
_23
_23  position: absolute;
_23  left: 0;
_23  right: 0;
_23  top: 50%;
_23  transform: translateY(-50%);
_23}
_23</style>

Be sure to add the route in the router setup.

router/index.ts


_43import { createRouter, createWebHistory } from '@ionic/vue-router';
_43import { RouteRecordRaw } from 'vue-router';
_43import TabsPage from '../views/TabsPage.vue';
_43
_43const routes: Array<RouteRecordRaw> = [
_43  {
_43    path: '/',
_43    redirect: '/tabs/tab1',
_43  },
_43    component: () => import('@/views/AuthActionCompletePage.vue'),

Handling the Authentication Flow

Auth Connect is now properly set up and initialized. We can move on to creating the basic log in and log out flow. Within this flow, an AuthResult is obtained during log in that represents our authentication session. So long as we have an AuthResult object, we have an authentication session. The AuthResult is no longer valid after the user logs out.

We begin by creating the login() and logout() functions.

src/composables/authentication.ts


_40import { Capacitor } from '@capacitor/core';
_40import {
_40  Auth0Provider,
_40  AuthConnect,
_40  AuthResult,
_40  ProviderOptions,
_40} from '@ionic-enterprise/auth';
_40
_40const isNative = Capacitor.isNativePlatform();
_40const provider = new Auth0Provider();
_40let authResult: AuthResult | null = null;
_40
_40const authOptions: ProviderOptions = {
_40  audience: 'https://io.ionic.demo.ac',
_40  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_40  discoveryUrl:
_40    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_40  logoutUrl: isNative
_40    ? 'io.ionic.acdemo://auth-action-complete'
_40    : 'http://localhost:8100/auth-action-complete',
_40  redirectUri: isNative
_40    ? 'io.ionic.acdemo://auth-action-complete'
_40    : 'http://localhost:8100/auth-action-complete',
_40  scope: 'openid offline_access email picture profile',
_40};
_40
_40export const useAuthentication = () => ({
_40  initializeAuthentication: async (): Promise<void> =>
_40    AuthConnect.setup({
_40      platform: isNative ? 'capacitor' : 'web',
_40      logLevel: 'DEBUG',
_40      ios: {
_40        webView: 'private',
_40      },
_40      web: {
_40        uiMode: 'popup',
_40        authFlow: 'PKCE',
_40      },
_40    }),
_40});

The AuthConnect.login() call resolves an AuthResult if the operation succeeds. The AuthResult contains the auth tokens as well as some other information. This object needs to be passed to almost all other Auth Connect functions. As such, it needs to be saved. We will store it in our authentication composable for now.

src/composables/authentication.ts


_43import { Capacitor } from '@capacitor/core';
_43import {
_43  Auth0Provider,
_43  AuthConnect,
_43  AuthResult,
_43  ProviderOptions,
_43} from '@ionic-enterprise/auth';
_43
_43const isNative = Capacitor.isNativePlatform();
_43const provider = new Auth0Provider();
_43let authResult: AuthResult | null = null;
_43
_43const authOptions: ProviderOptions = {
_43  audience: 'https://io.ionic.demo.ac',
_43  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_43  discoveryUrl:
_43    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_43  logoutUrl: isNative
_43    ? 'io.ionic.acdemo://auth-action-complete'
_43    : 'http://localhost:8100/auth-action-complete',
_43  redirectUri: isNative
_43    ? 'io.ionic.acdemo://auth-action-complete'
_43    : 'http://localhost:8100/auth-action-complete',
_43  scope: 'openid offline_access email picture profile',
_43};
_43
_43export const useAuthentication = () => ({
_43  initializeAuthentication: async (): Promise<void> =>
_43    AuthConnect.setup({
_43      platform: isNative ? 'capacitor' : 'web',
_43      logLevel: 'DEBUG',
_43      ios: {
_43        webView: 'private',
_43      },
_43      web: {
_43        uiMode: 'popup',
_43        authFlow: 'PKCE',
_43      },
_43    }),
_43  login: async (): Promise<void> => {
_43    authResult = await AuthConnect.login(provider, authOptions);
_43  },
_43});

For the login(), we need to pass both the provider and the options we established earlier.

src/composables/authentication.ts


_49import { Capacitor } from '@capacitor/core';
_49import {
_49  Auth0Provider,
_49  AuthConnect,
_49  AuthResult,
_49  ProviderOptions,
_49} from '@ionic-enterprise/auth';
_49
_49const isNative = Capacitor.isNativePlatform();
_49const provider = new Auth0Provider();
_49let authResult: AuthResult | null = null;
_49
_49const authOptions: ProviderOptions = {
_49  audience: 'https://io.ionic.demo.ac',
_49  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_49  discoveryUrl:
_49    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_49  logoutUrl: isNative
_49    ? 'io.ionic.acdemo://auth-action-complete'
_49    : 'http://localhost:8100/auth-action-complete',
_49  redirectUri: isNative
_49    ? 'io.ionic.acdemo://auth-action-complete'
_49    : 'http://localhost:8100/auth-action-complete',
_49  scope: 'openid offline_access email picture profile',
_49};
_49
_49export const useAuthentication = () => ({
_49  initializeAuthentication: async (): Promise<void> =>
_49    AuthConnect.setup({
_49      platform: isNative ? 'capacitor' : 'web',
_49      logLevel: 'DEBUG',
_49      ios: {
_49        webView: 'private',
_49      },
_49      web: {
_49        uiMode: 'popup',
_49        authFlow: 'PKCE',
_49      },
_49    }),
_49  login: async (): Promise<void> => {
_49    authResult = await AuthConnect.login(provider, authOptions);
_49  },
_49  logout: async (): Promise<void> => {
_49    if (authResult) {
_49      await AuthConnect.logout(provider, authResult);
_49      authResult = null;
_49    }
_49  },
_49});

For the logout(), when calling Auth Connect we need to pass the provider as well as the AuthResult we established with the login().

For the login(), we need to pass both the provider and the options we established earlier.

For the logout(), when calling Auth Connect we need to pass the provider as well as the AuthResult we established with the login().

src/composables/authentication.ts


_40import { Capacitor } from '@capacitor/core';
_40import {
_40  Auth0Provider,
_40  AuthConnect,
_40  AuthResult,
_40  ProviderOptions,
_40} from '@ionic-enterprise/auth';
_40
_40const isNative = Capacitor.isNativePlatform();
_40const provider = new Auth0Provider();
_40let authResult: AuthResult | null = null;
_40
_40const authOptions: ProviderOptions = {
_40  audience: 'https://io.ionic.demo.ac',
_40  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_40  discoveryUrl:
_40    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_40  logoutUrl: isNative
_40    ? 'io.ionic.acdemo://auth-action-complete'
_40    : 'http://localhost:8100/auth-action-complete',
_40  redirectUri: isNative
_40    ? 'io.ionic.acdemo://auth-action-complete'
_40    : 'http://localhost:8100/auth-action-complete',
_40  scope: 'openid offline_access email picture profile',
_40};
_40
_40export const useAuthentication = () => ({
_40  initializeAuthentication: async (): Promise<void> =>
_40    AuthConnect.setup({
_40      platform: isNative ? 'capacitor' : 'web',
_40      logLevel: 'DEBUG',
_40      ios: {
_40        webView: 'private',
_40      },
_40      web: {
_40        uiMode: 'popup',
_40        authFlow: 'PKCE',
_40      },
_40    }),
_40});

We can use the first tab of our application to test the login() and logout() functions.

src/views/Tab1Page.vue


_29<template>
_29  <ion-page>
_29    <ion-header>
_29      <ion-toolbar>
_29        <ion-title>Tab 1</ion-title>
_29      </ion-toolbar>
_29    </ion-header>
_29    <ion-content :fullscreen="true">
_29      <ion-header collapse="condense">
_29        <ion-toolbar>
_29          <ion-title size="large">Tab 1</ion-title>
_29        </ion-toolbar>
_29      </ion-header>
_29
_29      <ExploreContainer name="Tab 1 page" />
_29    </ion-content>
_29  </ion-page>
_29</template>
_29
_29<script setup lang="ts">
_29import {
_29  IonPage,
_29  IonHeader,
_29  IonToolbar,
_29  IonTitle,
_29  IonContent,
_29} from '@ionic/vue';
_29import ExploreContainer from '@/components/ExploreContainer.vue';
_29</script>

Currently, the Tab1Page contains the default skeleton code.

src/views/Tab1Page.vue


_32<template>
_32  <ion-page>
_32    <ion-header>
_32      <ion-toolbar>
_32        <ion-title>Tab 1</ion-title>
_32      </ion-toolbar>
_32    </ion-header>
_32    <ion-content :fullscreen="true">
_32      <ion-header collapse="condense">
_32        <ion-toolbar>
_32          <ion-title size="large">Tab 1</ion-title>
_32        </ion-toolbar>
_32      </ion-header>
_32
_32      <ExploreContainer name="Tab 1 page" />
_32    </ion-content>
_32  </ion-page>
_32</template>
_32
_32<script setup lang="ts">
_32import {
_32  IonPage,
_32  IonHeader,
_32  IonToolbar,
_32  IonTitle,
_32  IonContent,
_32} from '@ionic/vue';
_32import ExploreContainer from '@/components/ExploreContainer.vue';
_32import { useAuthentication } from '@/composables/authentication';
_32
_32const { login, logout } = useAuthentication();
_32</script>

Import our the useAuthentication composable and destructure the login() and logout() functions.

src/views/Tab1Page.vue


_40<template>
_40  <ion-page>
_40    <ion-header>
_40      <ion-toolbar>
_40        <ion-title>Tab 1</ion-title>
_40      </ion-toolbar>
_40    </ion-header>
_40    <ion-content :fullscreen="true">
_40      <ion-header collapse="condense">
_40        <ion-toolbar>
_40          <ion-title size="large">Tab 1</ion-title>
_40        </ion-toolbar>
_40      </ion-header>
_40
_40      <ExploreContainer name="Tab 1 page" />
_40    </ion-content>
_40  </ion-page>
_40</template>
_40
_40<script setup lang="ts">
_40import {
_40  IonPage,
_40  IonHeader,
_40  IonToolbar,
_40  IonTitle,
_40  IonContent,
_40} from '@ionic/vue';
_40import ExploreContainer from '@/components/ExploreContainer.vue';
_40import { useAuthentication } from '@/composables/authentication';
_40
_40const { login, logout } = useAuthentication();
_40
_40const loginClicked = async (): Promise<void> => {
_40  await login();
_40};
_40
_40const logoutClicked = async (): Promise<void> => {
_40  await logout();
_40};
_40</script>

Create loginClicked() and logoutClicked() functions that we can bind to in our template.

src/views/Tab1Page.vue


_41<template>
_41  <ion-page>
_41    <ion-header>
_41      <ion-toolbar>
_41        <ion-title>Tab 1</ion-title>
_41      </ion-toolbar>
_41    </ion-header>
_41    <ion-content :fullscreen="true">
_41      <ion-header collapse="condense">
_41        <ion-toolbar>
_41          <ion-title size="large">Tab 1</ion-title>
_41        </ion-toolbar>
_41      </ion-header>
_41
_41      <ion-button @click="loginClicked">Login</ion-button>
_41      <ion-button @click="logoutClicked">Logout</ion-button>
_41    </ion-content>
_41  </ion-page>
_41</template>
_41
_41<script setup lang="ts">
_41import {
_41  IonButton,
_41  IonPage,
_41  IonHeader,
_41  IonToolbar,
_41  IonTitle,
_41  IonContent,
_41} from '@ionic/vue';
_41import { useAuthentication } from '@/composables/authentication';
_41
_41const { login, logout } = useAuthentication();
_41
_41const loginClicked = async (): Promise<void> => {
_41  await login();
_41};
_41
_41const logoutClicked = async (): Promise<void> => {
_41  await logout();
_41};
_41</script>

Replace the ExploreContainer with login and logout buttons.

Currently, the Tab1Page contains the default skeleton code.

Import our the useAuthentication composable and destructure the login() and logout() functions.

Create loginClicked() and logoutClicked() functions that we can bind to in our template.

Replace the ExploreContainer with login and logout buttons.

src/views/Tab1Page.vue


_29<template>
_29  <ion-page>
_29    <ion-header>
_29      <ion-toolbar>
_29        <ion-title>Tab 1</ion-title>
_29      </ion-toolbar>
_29    </ion-header>
_29    <ion-content :fullscreen="true">
_29      <ion-header collapse="condense">
_29        <ion-toolbar>
_29          <ion-title size="large">Tab 1</ion-title>
_29        </ion-toolbar>
_29      </ion-header>
_29
_29      <ExploreContainer name="Tab 1 page" />
_29    </ion-content>
_29  </ion-page>
_29</template>
_29
_29<script setup lang="ts">
_29import {
_29  IonPage,
_29  IonHeader,
_29  IonToolbar,
_29  IonTitle,
_29  IonContent,
_29} from '@ionic/vue';
_29import ExploreContainer from '@/components/ExploreContainer.vue';
_29</script>

Test this in the web using the following credentials:

email: test@ionic.io
password: Ion54321

At this point if we press the Login button, a tab should open where we can log in using Auth0. This tab will close after we log in. When we press the logout button a tab will briefly open to perform the logout and then automatically close.

Note that if you press the Login button while already logged in the login tab is closed immediately. This is expected behavior.

Configure the Native Projects

Login and logout are working in your web browser. Build your application for mobile and try to run them there. You can use an emulator or an actual device for this test.

Terminal


_10npm run build
_10npx cap open android
_10npx cap open ios

On Android you are not returned to the application after logging in. You seem to be stuck at the Auth0 login page. On iOS you get an invalid URL error after successfully logging in on Auth0.

The problem is that on mobile we are deep-linking back into our application using io.ionic.acdemo://auth-action-complete. We have not registered that scheme with the OS so it does not know to deep-link back to our application. We will set that up now.

For Android, modify the android/variables.gradle file to include the AUTH_URL_SCHEME value:

app/variables.gradle


_17ext {
_17    minSdkVersion = 22
_17    compileSdkVersion = 34
_17    targetSdkVersion = 34
_17    AUTH_URL_SCHEME = 'io.ionic.acdemo'

For iOS, add a CFBundleURLTypes section to the ios/App/App/Info.plist file:

App/App/Info.plist


_58<?xml version="1.0" encoding="UTF-8"?>
_58<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
_58<plist version="1.0">
_58  <dict>
_58    <key>CFBundleDevelopmentRegion</key>
_58    <string>en</string>
_58    <key>CFBundleDisplayName</key>
_58    <string>getting-started-ac</string>
_58    <key>CFBundleExecutable</key>
_58          <string>io.ionic.acdemo</string>

Re-run the application from Xcode and Android Studio. You should now be able to perform the authentication properly on the mobile applications.

Managing the Authentication Session

Determine if Authenticated

We can log in and we can log out, but it is hard to tell what our current authentication state is. Let's fix that now.

src/composables/authentication.ts

src/views/Tab1Page.vue


_53import { Capacitor } from '@capacitor/core';
_53import {
_53  Auth0Provider,
_53  AuthConnect,
_53  AuthResult,
_53  ProviderOptions,
_53} from '@ionic-enterprise/auth';
_53
_53const isNative = Capacitor.isNativePlatform();
_53const provider = new Auth0Provider();
_53const authOptions: ProviderOptions = {
_53  audience: 'https://io.ionic.demo.ac',
_53  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_53  discoveryUrl:
_53    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_53  logoutUrl: isNative
_53    ? 'io.ionic.acdemo://auth-action-complete'
_53    : 'http://localhost:8100/auth-action-complete',
_53  redirectUri: isNative
_53    ? 'io.ionic.acdemo://auth-action-complete'
_53    : 'http://localhost:8100/auth-action-complete',
_53  scope: 'openid offline_access email picture profile',
_53};
_53let authResult: AuthResult | null = null;
_53
_53export const useAuthentication = () => ({
_53  initializeAuthentication: async (): Promise<void> =>
_53    AuthConnect.setup({
_53      platform: isNative ? 'capacitor' : 'web',
_53      logLevel: 'DEBUG',
_53      ios: {
_53        webView: 'private',
_53      },
_53      web: {
_53        uiMode: 'popup',
_53        authFlow: 'PKCE',
_53      },
_53    }),
_53  isAuthenticated: async (): Promise<boolean> => {
_53    return (
_53      !!authResult && (await AuthConnect.isAccessTokenAvailable(authResult))
_53    );
_53  },
_53  login: async (): Promise<void> => {
_53    authResult = await AuthConnect.login(provider, authOptions);
_53  },
_53  logout: async (): Promise<void> => {
_53    if (authResult) {
_53      await AuthConnect.logout(provider, authResult);
_53      authResult = null;
_53    }
_53  },
_53});

If we have an AuthResult with an access token we will assume that we are authenticated. The authentication session could be expired or otherwise invalid, but we will work on handling that in other tutorials.

src/composables/authentication.ts

src/views/Tab1Page.vue


_43<template>
_43  <ion-page>
_43    <ion-header>
_43      <ion-toolbar>
_43        <ion-title>Tab 1</ion-title>
_43      </ion-toolbar>
_43    </ion-header>
_43    <ion-content :fullscreen="true">
_43      <ion-header collapse="condense">
_43        <ion-toolbar>
_43          <ion-title size="large">Tab 1</ion-title>
_43        </ion-toolbar>
_43      </ion-header>
_43
_43      <ion-button @click="loginClicked">Login</ion-button>
_43      <ion-button @click="logoutClicked">Logout</ion-button>
_43    </ion-content>
_43  </ion-page>
_43</template>
_43
_43<script setup lang="ts">
_43import {
_43  IonButton,
_43  IonPage,
_43  IonHeader,
_43  IonToolbar,
_43  IonTitle,
_43  IonContent,
_43} from '@ionic/vue';
_43import { useAuthentication } from '@/composables/authentication';
_43import { ref } from 'vue';
_43
_43const { login, logout } = useAuthentication();
_43const authenticated = ref<boolean>();
_43
_43const loginClicked = async (): Promise<void> => {
_43  await login();
_43};
_43
_43const logoutClicked = async (): Promise<void> => {
_43  await logout();
_43};
_43</script>

Create an authenticated value for the Tab1Page.

src/composables/authentication.ts

src/views/Tab1Page.vue


_51<template>
_51  <ion-page>
_51    <ion-header>
_51      <ion-toolbar>
_51        <ion-title>Tab 1</ion-title>
_51      </ion-toolbar>
_51    </ion-header>
_51    <ion-content :fullscreen="true">
_51      <ion-header collapse="condense">
_51        <ion-toolbar>
_51          <ion-title size="large">Tab 1</ion-title>
_51        </ion-toolbar>
_51      </ion-header>
_51
_51      <ion-button @click="loginClicked">Login</ion-button>
_51      <ion-button @click="logoutClicked">Logout</ion-button>
_51    </ion-content>
_51  </ion-page>
_51</template>
_51
_51<script setup lang="ts">
_51import {
_51  IonButton,
_51  IonPage,
_51  IonHeader,
_51  IonToolbar,
_51  IonTitle,
_51  IonContent,
_51} from '@ionic/vue';
_51import { useAuthentication } from '@/composables/authentication';
_51import { ref } from 'vue';
_51
_51const { isAuthenticated, login, logout } = useAuthentication();
_51const authenticated = ref<boolean>();
_51
_51const checkAuthentication = async (): Promise<void> => {
_51  authenticated.value = await isAuthenticated();
_51};
_51
_51const loginClicked = async (): Promise<void> => {
_51  await login();
_51  await checkAuthentication();
_51};
_51
_51const logoutClicked = async (): Promise<void> => {
_51  await logout();
_51  await checkAuthentication();
_51};
_51
_51checkAuthentication();
_51</script>

Check if we are authenticated when the page is page is created as well as after a login or logout operation.

src/composables/authentication.ts

src/views/Tab1Page.vue


_53<template>
_53  <ion-page>
_53    <ion-header>
_53      <ion-toolbar>
_53        <ion-title>Tab 1</ion-title>
_53      </ion-toolbar>
_53    </ion-header>
_53    <ion-content :fullscreen="true">
_53      <ion-header collapse="condense">
_53        <ion-toolbar>
_53          <ion-title size="large">Tab 1</ion-title>
_53        </ion-toolbar>
_53      </ion-header>
_53
_53      <ion-button v-if="authenticated" @click="logoutClicked"
_53        >Logout</ion-button
_53      >
_53      <ion-button v-else @click="loginClicked">Login</ion-button>
_53    </ion-content>
_53  </ion-page>
_53</template>
_53
_53<script setup lang="ts">
_53import {
_53  IonButton,
_53  IonPage,
_53  IonHeader,
_53  IonToolbar,
_53  IonTitle,
_53  IonContent,
_53} from '@ionic/vue';
_53import { useAuthentication } from '@/composables/authentication';
_53import { ref } from 'vue';
_53
_53const { isAuthenticated, login, logout } = useAuthentication();
_53const authenticated = ref<boolean>();
_53
_53const checkAuthentication = async (): Promise<void> => {
_53  authenticated.value = await isAuthenticated();
_53};
_53
_53const loginClicked = async (): Promise<void> => {
_53  await login();
_53  await checkAuthentication();
_53};
_53
_53const logoutClicked = async (): Promise<void> => {
_53  await logout();
_53  await checkAuthentication();
_53};
_53
_53checkAuthentication();
_53</script>

Render the logout button if the user is authenticated. Render the login button if the user is not authenticated.

Create an authenticated value for the Tab1Page.

Check if we are authenticated when the page is page is created as well as after a login or logout operation.

Render the logout button if the user is authenticated. Render the login button if the user is not authenticated.

src/composables/authentication.ts

src/views/Tab1Page.vue


_53import { Capacitor } from '@capacitor/core';
_53import {
_53  Auth0Provider,
_53  AuthConnect,
_53  AuthResult,
_53  ProviderOptions,
_53} from '@ionic-enterprise/auth';
_53
_53const isNative = Capacitor.isNativePlatform();
_53const provider = new Auth0Provider();
_53const authOptions: ProviderOptions = {
_53  audience: 'https://io.ionic.demo.ac',
_53  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_53  discoveryUrl:
_53    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_53  logoutUrl: isNative
_53    ? 'io.ionic.acdemo://auth-action-complete'
_53    : 'http://localhost:8100/auth-action-complete',
_53  redirectUri: isNative
_53    ? 'io.ionic.acdemo://auth-action-complete'
_53    : 'http://localhost:8100/auth-action-complete',
_53  scope: 'openid offline_access email picture profile',
_53};
_53let authResult: AuthResult | null = null;
_53
_53export const useAuthentication = () => ({
_53  initializeAuthentication: async (): Promise<void> =>
_53    AuthConnect.setup({
_53      platform: isNative ? 'capacitor' : 'web',
_53      logLevel: 'DEBUG',
_53      ios: {
_53        webView: 'private',
_53      },
_53      web: {
_53        uiMode: 'popup',
_53        authFlow: 'PKCE',
_53      },
_53    }),
_53  isAuthenticated: async (): Promise<boolean> => {
_53    return (
_53      !!authResult && (await AuthConnect.isAccessTokenAvailable(authResult))
_53    );
_53  },
_53  login: async (): Promise<void> => {
_53    authResult = await AuthConnect.login(provider, authOptions);
_53  },
_53  logout: async (): Promise<void> => {
_53    if (authResult) {
_53      await AuthConnect.logout(provider, authResult);
_53      authResult = null;
_53    }
_53  },
_53});

Which button is shown on the Tab1Page is now determined by the current authentication state.

Persist the `AuthResult`

The user can perform login and logout operations, but if the browser is refreshed, the application loses the AuthResult. This value needs to be persisted between sessions of the application. To fix this, create a session composable that uses the Preferences plugin to persist the AuthResult. In a production application, we should store the result more securely by using Identity Vault. However, setting up Identity Vault is beyond the scope of this tutorial.

Terminal


_10npm install @capacitor/preferences

Build out the useSession composable in src/composables/session.ts.

src/composables/session.ts

src/composables/authentication.ts


_10export const useSession = () => ({});

The useSession functions starts with the basic skeleton.

src/composables/session.ts

src/composables/authentication.ts


_10import { Preferences } from '@capacitor/preferences';
_10import { AuthResult } from '@ionic-enterprise/auth';
_10
_10export const useSession = () => ({});

Import the Preferences and AuthResult classes.

src/composables/session.ts

src/composables/authentication.ts


_17import { Preferences } from '@capacitor/preferences';
_17import { AuthResult } from '@ionic-enterprise/auth';
_17
_17const key = 'session';
_17
_17export const useSession = () => ({
_17  clearSession: (): Promise<void> => {
_17    return Preferences.remove({ key });
_17  },
_17  getSession: async (): Promise<AuthResult | null> => {
_17    const { value } = await Preferences.get({ key });
_17    return value ? JSON.parse(value) : null;
_17  },
_17  setSession: (value: AuthResult): Promise<void> => {
_17    return Preferences.set({ key, value: JSON.stringify(value) });
_17  },
_17});

Create functions to get, set, and clear the session.

src/composables/session.ts

src/composables/authentication.ts


_56import { Capacitor } from '@capacitor/core';
_56import {
_56  Auth0Provider,
_56  AuthConnect,
_56  AuthResult,
_56  ProviderOptions,
_56} from '@ionic-enterprise/auth';
_56import { useSession } from '@/composables/session';
_56
_56const isNative = Capacitor.isNativePlatform();
_56const provider = new Auth0Provider();
_56const authOptions: ProviderOptions = {
_56  audience: 'https://io.ionic.demo.ac',
_56  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_56  discoveryUrl:
_56    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_56  logoutUrl: isNative
_56    ? 'io.ionic.acdemo://auth-action-complete'
_56    : 'http://localhost:8100/auth-action-complete',
_56  redirectUri: isNative
_56    ? 'io.ionic.acdemo://auth-action-complete'
_56    : 'http://localhost:8100/auth-action-complete',
_56  scope: 'openid offline_access email picture profile',
_56};
_56let authResult: AuthResult | null = null;
_56
_56const { clearSession, getSession, setSession } = useSession();
_56
_56export const useAuthentication = () => ({
_56  initializeAuthentication: async (): Promise<void> =>
_56    AuthConnect.setup({
_56      platform: isNative ? 'capacitor' : 'web',
_56      logLevel: 'DEBUG',
_56      ios: {
_56        webView: 'private',
_56      },
_56      web: {
_56        uiMode: 'popup',
_56        authFlow: 'PKCE',
_56      },
_56    }),
_56  isAuthenticated: async (): Promise<boolean> => {
_56    return (
_56      !!authResult && (await AuthConnect.isAccessTokenAvailable(authResult))
_56    );
_56  },
_56  login: async (): Promise<void> => {
_56    authResult = await AuthConnect.login(provider, authOptions);
_56  },
_56  logout: async (): Promise<void> => {
_56    if (authResult) {
_56      await AuthConnect.logout(provider, authResult);
_56      authResult = null;
_56    }
_56  },
_56});

Import useSession into our useAuthentication composable and destructure the clearSession, getSession, and setSession functions from it.

src/composables/session.ts

src/composables/authentication.ts


_68import { Capacitor } from '@capacitor/core';
_68import {
_68  Auth0Provider,
_68  AuthConnect,
_68  AuthResult,
_68  ProviderOptions,
_68} from '@ionic-enterprise/auth';
_68import { useSession } from '@/composables/session';
_68
_68const isNative = Capacitor.isNativePlatform();
_68const provider = new Auth0Provider();
_68const authOptions: ProviderOptions = {
_68  audience: 'https://io.ionic.demo.ac',
_68  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_68  discoveryUrl:
_68    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_68  logoutUrl: isNative
_68    ? 'io.ionic.acdemo://auth-action-complete'
_68    : 'http://localhost:8100/auth-action-complete',
_68  redirectUri: isNative
_68    ? 'io.ionic.acdemo://auth-action-complete'
_68    : 'http://localhost:8100/auth-action-complete',
_68  scope: 'openid offline_access email picture profile',
_68};
_68let authResult: AuthResult | null = null;
_68
_68const { clearSession, getSession, setSession } = useSession();
_68
_68const getAuthResult = async (): Promise<AuthResult | null> => {
_68  return getSession();
_68};
_68
_68const saveAuthResult = async (authResult: AuthResult | null): Promise<void> => {
_68  if (authResult) {
_68    await setSession(authResult);
_68  } else {
_68    await clearSession();
_68  }
_68};
_68
_68export const useAuthentication = () => ({
_68  initializeAuthentication: async (): Promise<void> =>
_68    AuthConnect.setup({
_68      platform: isNative ? 'capacitor' : 'web',
_68      logLevel: 'DEBUG',
_68      ios: {
_68        webView: 'private',
_68      },
_68      web: {
_68        uiMode: 'popup',
_68        authFlow: 'PKCE',
_68      },
_68    }),
_68  isAuthenticated: async (): Promise<boolean> => {
_68    return (
_68      !!authResult && (await AuthConnect.isAccessTokenAvailable(authResult))
_68    );
_68  },
_68  login: async (): Promise<void> => {
_68    authResult = await AuthConnect.login(provider, authOptions);
_68  },
_68  logout: async (): Promise<void> => {
_68    if (authResult) {
_68      await AuthConnect.logout(provider, authResult);
_68      authResult = null;
_68    }
_68  },
_68});

Create functions to get and save the AuthResult.

src/composables/session.ts

src/composables/authentication.ts


_70import { Capacitor } from '@capacitor/core';
_70import {
_70  Auth0Provider,
_70  AuthConnect,
_70  AuthResult,
_70  ProviderOptions,
_70} from '@ionic-enterprise/auth';
_70import { useSession } from '@/composables/session';
_70
_70const isNative = Capacitor.isNativePlatform();
_70const provider = new Auth0Provider();
_70const authOptions: ProviderOptions = {
_70  audience: 'https://io.ionic.demo.ac',
_70  clientId: 'yLasZNUGkZ19DGEjTmAITBfGXzqbvd00',
_70  discoveryUrl:
_70    'https://dev-2uspt-sz.us.auth0.com/.well-known/openid-configuration',
_70  logoutUrl: isNative
_70    ? 'io.ionic.acdemo://auth-action-complete'
_70    : 'http://localhost:8100/auth-action-complete',
_70  redirectUri: isNative
_70    ? 'io.ionic.acdemo://auth-action-complete'
_70    : 'http://localhost:8100/auth-action-complete',
_70  scope: 'openid offline_access email picture profile',
_70};
_70
_70const { clearSession, getSession, setSession } = useSession();
_70
_70const getAuthResult = async (): Promise<AuthResult | null> => {
_70  return getSession();
_70};
_70
_70const saveAuthResult = async (authResult: AuthResult | null): Promise<void> => {
_70  if (authResult) {
_70    await setSession(authResult);
_70  } else {
_70    await clearSession();
_70  }
_70};
_70
_70export const useAuthentication = () => ({
_70  initializeAuthentication: async (): Promise<void> =>
_70    AuthConnect.setup({
_70      platform: isNative ? 'capacitor' : 'web',
_70      logLevel: 'DEBUG',
_70      ios: {
_70        webView: 'private',
_70      },
_70      web: {
_70        uiMode: 'popup',
_70        authFlow: 'PKCE',
_70      },
_70    }),
_70  isAuthenticated: async (): Promise<boolean> => {
_70    const authResult = await getAuthResult();
_70    return (
_70      !!authResult && (await AuthConnect.isAccessTokenAvailable(authResult))
_70    );
_70  },
_70  login: async (): Promise<void> => {
_70    const authResult = await AuthConnect.login(provider, authOptions);
_70    await saveAuthResult(authResult);
_70  },
_70  logout: async (): Promise<void> => {
_70    const authResult = await getAuthResult();
_70    if (authResult) {
_70      await AuthConnect.logout(provider, authResult);
_70      saveAuthResult(null);
_70    }
_70  },
_70});

Use the new functions instead of the authResult variable, which can be removed now.

The useSession functions starts with the basic skeleton.

Import the Preferences and AuthResult classes.

Create functions to get, set, and clear the session.

Import useSession into our useAuthentication composable and destructure the clearSession, getSession, and setSession functions from it.

Create functions to get and save the AuthResult.

Use the new functions instead of the authResult variable, which can be removed now.

src/composables/session.ts

src/composables/authentication.ts


_10export const useSession = () => ({});

If the user logs in and refreshes the browser or restarts the application the authentication state is preserved.

Next Steps

Explore the specific topics that are of interest to you at this time. This application is used as the foundation to build upon as those topics are explored.

Happy coding!! 🤓

Generate the Application​

Install Auth Connect​

Create the Authentication Composable​

Setup and Initialization​

Create the auth-action-complete Page​

Handling the Authentication Flow​

Login and Logout​

Hook Up the Login and Logout​

Configure the Native Projects​

Managing the Authentication Session​

Determine if Authenticated​

Persist the AuthResult​

Next Steps​

Contents

Generate the Application

Install Auth Connect

Create the `Authentication` Composable

Setup and Initialization

Create the `auth-action-complete` Page

Handling the Authentication Flow

Login and Logout

Hook Up the Login and Logout

Configure the Native Projects

Managing the Authentication Session

Determine if Authenticated

Persist the `AuthResult`

Next Steps