Purpose
Add secure authentication to an existing iOS project using Apple-native approaches.
Arguments
- •
--providers <list>— Comma-separated providers (default:apple,biometric)- •
apple— Sign in with Apple - •
biometric— Face ID / Touch ID - •
credentials— Email/password (requires backend)
- •
- •
--with-backend— Include API client for backend auth
What gets created
code
Services/ ├── Auth/ │ ├── AuthService.swift # Main auth service │ ├── AuthState.swift # Auth state enum │ ├── KeychainManager.swift # Secure token storage │ ├── BiometricAuthManager.swift # Face ID / Touch ID │ └── SignInWithAppleManager.swift Features/ ├── Auth/ │ ├── SignInView.swift # Sign-in screen │ ├── SignInViewModel.swift │ └── AuthenticatedContainer.swift # Wraps authenticated content Models/ └── User.swift # User model
Capabilities required
Add to Xcode project:
- •Sign in with Apple capability (for
appleprovider)
Add to Info.plist:
- •
NSFaceIDUsageDescription— "Use Face ID to unlock the app"
Keychain storage
- •Access tokens stored in Keychain (not UserDefaults)
- •Uses
kSecAttrAccessibleWhenUnlockedThisDeviceOnly - •Biometric-protected option available
Auth flow
- •Check for existing session (Keychain)
- •If biometrics enabled, prompt for Face ID/Touch ID
- •If no session, show sign-in screen
- •On successful auth, store tokens in Keychain
- •Handle token refresh (if backend)
Workflow
- •Add Sign in with Apple capability in Xcode
- •Create auth services and managers
- •Create sign-in UI
- •Create authenticated container wrapper
- •Integrate with DependencyContainer
- •Add Info.plist entries
- •Test on device (biometrics require device)
Security requirements
- •Never store tokens in UserDefaults
- •Use Keychain with appropriate accessibility
- •Validate Sign in with Apple tokens server-side
- •Handle biometric fallback gracefully
- •Clear Keychain on sign-out
Output
Summarize: providers configured, capabilities needed, UI components, security setup.
Reference
For implementation details and security patterns, see reference/ios-add-auth-reference.md