Authorization not working

[jitesh95]

Hi Mike,

I am trying to query some records from salesforce using Swiftly . I have follwed the steps from importing library till schemes configuration. But still not i am not able to get data from salesforce. I think there is the is an issue with my callback url .
I have set up this callback url in salesforce connected app : https://callback-url.net

For this , info.plist file i have added an entry:
CFBundleURLTypes


CFBundleURLName
SalesforceOAuth2CallbackURLScheme
CFBundleURLSchemes

https://callback-url.net

Also fot ATS:
NSAppTransportSecurity

NSExceptionDomains

salesforce.com

NSExceptionRequiresForwardSecrecy

NSIncludesSubdomains

I have attached my code snippet also. Could you please help me out with this.

[mike4aday]

Hi @jitesh95 - you have to use a URL callback scheme that is not http or https. The scheme should be unique, for example, "myscheme" or "myapp"

I'll post some examples shortly.

[jitesh95]

Thanks Mike for quick reply, if you could share some screenshots , that would be really great.

[jitesh95]

Hi Mike,

I will really appreciate some help here. I have some questions regarding the authentication of user in salesforce before calling the salesforce apis.

1. Can i use username , password authorization flow to directly the salesforce instance and call salesforce apis. I will hard code username and password in my app.

2. I have a screen in which user will give the some email id, and this email id i will check in salesforce database. For this , in back end , i want to use the hard coded username password authorization flow, without actually asking the user to login. I will hard code the username password.

This i have to do in swift only, because once user is registered i have to redirect user to second screen where user can see Einstein chat bot upon successful email id match in contact database in salesforce.

[mike4aday]

Hi @jitesh95 - the short answer is 'yes,' you could do what you're proposing but it's strongly recommended not to. Native mobile apps should use the OAuth2 'user-agent' flow, which is the default implementation for Swiftly Salesforce.

Hard-coding usernames and passwords in the app presents a security vulnerability. The app likely wouldn't pass the Salesforce security review. Also, the user-agent flow relies on the Salesforce-presented login screen so your app never handles the user's name and password. That helps users trust your app since they aren't handing over their Salesforce credentials to a third-party, but only to Salesforce.

If you use the default authentication behavior in Swiftly Salesforce then users won't have to re-authenticate. The session token is stored securely in the keychain and then retrieved for subsequent calls to Salesforce.

[mike4aday]

@jitesh95 - one more point: if you're considering sharing a single Salesforce user credential among multiple mobile app users, that may violate Salesforce's service agreement. If you want to make a resource available to mobile users without authentication, consider a Heroku endpoint, Force.com sites or unauthenticated Community access instead.

[mike4aday]

@jitesh95 a few notes on your code samples and info.plist file screenshot:

• Your callback URL scheme should be a custom one, anything you make up, but not http or https
• You don't have to register that scheme, or anything else, in the info.plist file
• Calls to the Salesforce API should happen after the view hierarchy is established, so the current call in your scene(_ scene: UIScene, willConnectTo session: UISceneSession, options connectionOptions: UIScene.ConnectionOptions) is too soon. See issue New login steps #114

[mike4aday]

@jitesh95 I'll close this issue for now. Please re-open and comment if you still have questions/issues.