Third-Party Authentication

Cloud Scale’s Authentication allows you to implement a third-party authentication service of your preference for your Catalyst application. The authorization and validation of the end-user is handled by the third-party service, and the data is passed on to Catalyst.

Note: Since you are implementing a third-party authentication service, it is understood that the security infrastructure of your application is contingent on the efficiency of the third-party service that you have chosen.

To implement third-party authentication in your iOS app, you will need to perform the steps described below.

1. Configure the Third-Party Authentication Service

Before you associate a third-party authentication with your Catalyst application, you must ensure that you have first completed handling the third-party logic in the external service. You can configure the authentication with any third-party of your choice.

2. Set up the Third-Party Authentication Type in Catalyst

You must now set up the third-party authentication that you configured in Catalyst by navigating to the Authentication component in Cloud Scale in the Catalyst console. The steps are explained in Set Up Third-party Authentication in Catalyst help page.

This process involves the following steps that you must perform:

i. Generate a custom server token:

When a user is re-directed from a third-party service after being authenticated, their credentials must be passed to an authentication function that you will need to code in Java, Node.js, or Python. This function will generate a Catalyst server-side token jwtToken or customToken which will then be passed to client-side (iOS app). The Catalyst console provides readymade scripts to generate the customToken. You can incorporate this script in the server-side function you write, to return the customToken.

Note: To enable a third-party authentication in your Catalyst application, you must ensure that you have enabled Public Signup in the console.

ii. Skip the client-side configuration:

You can skip the client-side configuration in the console for now, as we will incorporate the custom server token in the client logic at the end to complete the login process.

iii. Configure additional settings and finish the setup:

Configure Customer User Validation or Authorized Domains as a part of Whitelisting and finish the set up.

Catalyst will display a confirmation that a third-party authentication service has been enabled and your application’s authentication is being handled by it.

3. Re-Import the Configuration File in your iOS Project

After you enable the third-party authentication for your iOS app from the Catalyst console, you will need to download and import the AppConfigurationDevelopment.plist or the AppConfigurationProduction.plist properties file in your iOS project again, based on your app’s environment. This is because this file will now include two additional properties: JWTClientID and JWTClientSecret. These properties will need to be passed in the next step, after you re-initialize the SDK.

To re-download the configuration file:

  1. Navigate to Settings, then Developer Tools in your Catalyst console of your project. You will find your existing iOS package under the Mobile SDK section. Open the package.


  1. Click on the required environment tab in the pop-up, then click Download to download the configuration file.


You can now re-import this downloaded configuration file by following the steps mentioned here.

Note: You need not perform the steps 3, 4, 6 given in the SDK setup help page again.

4. Re-Initialize the SDK

You must now re-initialize the SDK to include the newly-downloaded properties in your code. Re-initializing the SDK can be done similar to initializing the SDK for the first time. However, you will now need to specify the JWTClientID and JWTClientSecret properties obtained from the newly-downloaded configuration file through with ZCatalystAppConfiguration.

public func initSDK( window : UIWindow, environment : ZCatalystEnvironment, appConfiguration : ZCatalystAppConfiguration ) throws


  • window: The window object that dispatches events to your views
  • appConfiguration: An object containing all the configuration details for the functioning of the SDK.
  • environment: The environment of your app, either .development or .production.

The environment here indicates if the app is operating in the Development or the Production environment. Similar to including the appropriate plist configuration file based on the environment in your app’s project, you must re-initialize the SDK for the appropriate environment.

5. Code the User Login Logic for the Third-Party Authentication

You can now complete the setup by handling the login logic of the third-party authentication in your iOS app. You must pass the customToken or jwtToken generated in step 2 to the handleCustomLogin() method as shown below:

public func handleCustomLogin( withJWT token : String, completion : @escaping ( Error? ) -> Void )
Note: The custom server token will have to be generated every single time the user logs in to your application using a third-party authentication service.

Last Updated 2023-09-22 20:48:20 +0530 +0530