OIDC Tokens in Facebook Login for iOS

Starting with iOS SDK v9.0, developers can interact with an OIDC authentication token when a user completes Facebook Login’s authentication flow. This token is returned if the user authenticates their account using Limited Login or classic Facebook Login, and contains basic details shared by the user with the developer’s application.

Prerequisites

Developers should review the iOS SDK Get Started guide to implement Facebook Login on iOS. Developers should upgrade to iOS SDK v9.0

Accessing the Token

After the user logs into their Facebook account in the developer’s application, the returned authentication token is maintained by the iOS SDK in a global AuthenticationToken instance. Once logged in, developers can use the AuthenticationToken.current variable to retrieve the authentication token for the active user.

Validating the Token

Before users log into the developer’s application, developers can generate a unique identifier for each request to confirm the request was received and responded to by Facebook. This identifier is passed as a nonce parameter through the Login Button or Login Manager, which is then returned as a claim on the token.

To validate this token, developers should follow the Validating the Limited Login OIDC Token documentation. Reading Basic Data

Developers can also use the Profile helper class to read details from the token.

// SWIFT - If the user is already logged in
 Profile.loadCurrentProfile { (profile, error) in 
   let userId = profile?.userID;
   let userName = profile?.name;
   Let userEmail = profile?.email ?? “No email provided”;
 }

By default, the AuthenticationToken class also includes a parser that developers can use to view the individual claims on the token.

// SWIFT - If the user is already logged in
let authToken = AuthenticationToken.current;
let claims = authToken?.claims();
let name = claims?.name;