TouchID integration

TouchID authentication tutorial for Swift


A few years ago Apple introduced TouchID on the iPhone5S. Instead of asking your user for a password, you can just ask for their fingerprint (if their device has TouchID) which improves the UX by a gazillion times.

With the introduction of iOS7, it was impossible for a developer to use the fingerprint sensor for authentication. Luckily in iOS8, Apple provided us with an API to do so.

In this tutorial I’ll show you how you can integrate TouchID authentication in your application.

Local Authentication framework

If you want to work with TouchID, you’ll have to link your app with the Local Authentication framework.

Go to Project Settings > General and scroll down to the Linked Frameworks and Libraries section. Click on the + sign and add LocalAuthentication.framework.

Link the LocalAuthentication.framework with your app
Link the LocalAuthentication.framework with your app

Authentication view controller

For this example we’ll just show the user a screen with a login button. If the user touched the login button, he will be asked to authenticate via TouchID. If the authentication fails, we’ll show an error message. If it succeeds we’ll push a new view controller onto the navigation stack.

My Storyboard looks like this hierarchical:

  • UINavigationController: root view controller
    • AuthenticationViewController
      • UIButton : login
    • ProtectedContentViewController
      • UILabel : success message

I’ve added an IBAction in my AuthenticationViewController, and hooked it up to the UIButton.

First you’ll need to import the Local Authentication framework at the top of the AuthenticationViewController.

The Local Authentication framework is quite small for Apple standards. It only has one class named LAContext.

First we need to create an authentication context.  You do this by creating an instance of the LAContext class.

Because not every device has a TouchID sensor, we need to ask the context if there is a fingerprint sensor.

Check for TouchID availability

You do this by calling the method canEvaluatePolicy:error. This method will return a boolean which you can use to provide a fallback authentication method if there is no TouchID available.

I use the guard statement here introduced in Swift 2, because this method needs to return true, otherwise there is no point of executing the rest of the method.  For now, I’ll just present the user with an UIAlertViewController to give some feedback.

Validating the fingerprint

If the device does have a TouchID sensor, we want to present the user the typical TouchID form.

TouchID form
TouchID form

This popup is shown when you call the evaluatePolicy:localizedReason:reply: method on your authentication context.

This method has 3 arguments:

  1. policy: the policy to evaluate
  2. localizedReason: a string message that will be shown to the user, explaining why they need to provide their fingerprint
  3. reply: a closure which is executed when the evaluation ends. This closure has 2 arguments
    1. success: true if fingerprint is recognized, false if not
    2. error: a NSError object with an error code (check LAError for all options)

This is my implementation.

Handling success

The method navigateToAuthenticatedViewController just gets a view controller in my Storyboard and performs a pushViewController on the navigation controller.

Handling failure

If there is an error, I have a method which returns an error message based on the error code.  The error codes can be compared to the LAError class.

And that’s it.

Source code

The source code for this project can be found on GitHub.