Token Management

How the Swift SDK manages your user’s tokens

Use Passage Token Store

When you create an instance of Passage you also get an instance of PassageTokenStore. Anytime your user successfully registers or logs in, their auth token and refresh token (if applicable) are stored securely on their device.

Get auth token

You can access the current auth token this way:

let passage = Passage("YOUR_APP_ID")
let authToken = try? await passage.tokenStore.getValidAuthToken() // Will return a new token if existing token is expired.

Log out user and remove tokens from device

When you call passage.currentUser.logOut(), the user's tokens are removed from the device.

try? await passage.currentUser.logOut()

How are tokens stored?

Your user's auth token and refresh token are both stored on device using Apple's Keychain API (opens in a new tab). When you sign out your user, the refresh token is revoked on the server and both tokens are removed from the device.

Get tokens from auth methods

Any successful authentication call you make returns an AuthResult which contains your user's auth token and refresh token.

For example:

let authResult = try? await passage.passkey.login()
let authToken = authResult?.authToken
let refreshToken = authResult?.refreshToken
let expiration = authRestul?.refreshTokenExpiration