--- title: Integrating FIDO auth journeys in iOS description: PingOne Advanced Identity Cloud PingAM iOS component: orchsdks page_id: orchsdks:journey:use-cases/fido/ios/ios-fido-auth-journey canonical_url: https://developer.pingidentity.com/orchsdks/journey/use-cases/fido/ios/ios-fido-auth-journey.html revdate: Thu, 13 Nov 2025 14:14:33 +0100 keywords: ["FIDO", "WebAuthn", "MFA", "Hardware", "Source Code", "Integration", "SDK", "iOS"] section_ids: prereqs: Before you begin ios-fido-entitlements: Adding FIDO entitlements to an iOS app ios_fido_module: Step 1. Installing modules step_2_registering_fido_authenticators: Step 2. Registering FIDO authenticators step_3_authenticating_using_a_fido_authenticator: Step 3. Authenticating using a FIDO authenticator --- # Integrating FIDO auth journeys in iOS [icon: circle-check, set=far]PingOne Advanced Identity Cloud [icon: circle-check, set=far]PingAM [icon: apple, set=fab]iOS The FIDO module offers a streamlined API for handling FIDO interactions. It abstracts away the complexities of the underlying FIDO protocols, allowing you to quickly add strong authentication to your applications. ## Before you begin To enable FIDO authentication in your app you must complete the following tasks: ### Adding FIDO entitlements to an iOS app 1. In Xcode, in the Project Navigator, double-click your application to open the Project pane. 2. On the Signing & Capabilities tab, click [icon: plus, set=fa]Capability, type `Associated Domains`, and then double click the result to add the capability. 3. In Domains, click the Add ([icon: plus, set=fa]) button, and enter the following entries: 1. `webcredentials:`, followed by the hostname where you uploaded the `apple-app-site-association` file earlier. For example, `webcredentials:openam-docs.forgeblocks.com` The result will resemble the following: ![ios fido capabilities journeys](../../../../_images/fido/ios-fido-capabilities-journeys.png)Figure 1. Configuring Advanced Identity Cloud entitlements in iOS. ## Step 1. Installing modules To install the FIDO module for iOS, use Swift Package Manager (SPM) or Cocoapods to add the dependency to your project. * SPM (Swift Package Manager) * CocoaPods You can install packages by using SPM (Swift Package Manager) on the iOS project. 1. In Xcode, in the Project Navigator, right-click your project, and then click Add Package Dependencies…​. 2. In the **Search or Enter Package URL** field, enter the URL of the repo containing the Orchestration SDK for iOS, `https://github.com/ForgeRock/ping-ios-sdk.git`. 3. In **Add to Project**, select the name of your project, and then click **Add Package**. Xcode shows a dialog containing the libraries available for iOS. 4. Select the `PingFido` library, and in the **Add to Target** column select the name of your project. 5. Repeat the previous step for any other packages you want to use in your project. 6. Click **Add Package**. Xcode displays the chosen packages and any prerequisites they might have in the **Package Dependencies** pane of the Project Navigator. 1) If you don't already have CocoaPods, install the [latest version](https://guides.cocoapods.org/using/getting-started.html). 2) If you don't already have a Podfile, in a terminal window, run the following command to create a new [Podfile](https://guides.cocoapods.org/syntax/podfile.html): ``` pod init ``` 3) Add the following lines to your Podfile: ``` pod 'PingFido' ``` 4) Run the following command to install pods: ``` pod install ``` ## Step 2. Registering FIDO authenticators To register a FIDO authenticator, use the `register()` function. The function returns either `success` or `failure`. The Orchestration SDK provides the `FidoRegistrationCallback` class for handling the FIDO registration requests: Step 1. Handling FIDO callbacks in a Advanced Identity Cloud or PingAM journey ```swift ForEach(Array(continueNode.callbacks.enumerated()), id: \.offset) { index, callback in switch callback { case let fidoRegistrationCallback as FidoRegistrationCallback: FidoRegistrationCallbackView(callback: fidoRegistrationCallback, onNext: onNext) } } ``` Step 2. Calling `register` in `FidoRegistrationCallbackView` ```swift Task { // Get the window guard let windowScene = UIApplication.shared.connectedScenes.first as? UIWindowScene, let window = windowScene.windows.first else { print("Could not find active window scene.") return // Exit if no window found } // Call the async function and await its Result let result = await callback.register(window: window) // Handle the Result switch result { case .success(let attestationValue): // Optional: Use attestationValue if needed print("FIDO Registration successful: \(attestationValue)") // Call onNext onNext() case .failure(let error): // Handle errors print("FIDO Registration failed: \(error.localizedDescription)") // Call onNext onNext() } } ``` ## Step 3. Authenticating using a FIDO authenticator To authenticate using a registered FIDO authenticator, use the `authenticate()` function. The function returns either `success` or `failure`. The Orchestration SDK provides the `Fido2AuthenticationCallback` class for handling the FIDO authentication requests: Step 1. Handling FIDO callbacks in a Advanced Identity Cloud or PingAM journey ```swift ForEach(Array(continueNode.callbacks.enumerated()), id: \.offset) { index, callback in switch callback { case let fidoAuthenticationCallback as FidoAuthenticationCallback: FidoAuthenticationCallbackView(callback: fidoAuthenticationCallback, onNext: onNext) } } ``` \+ .Step 2. Calling `authenticate` in `FidoAuthenticationCallbackView` ```swift Task { // Get the window guard let windowScene = UIApplication.shared.connectedScenes.first as? UIWindowScene, let window = windowScene.windows.first else { print("Could not find active window scene.") return // Exit if no window found } // Call the async function and await its Result let result = await callback.authenticate(window: window) // Handle the Result switch result { case .success(let attestationValue): // Optional: Use attestationValue if needed print("FIDO Authentication successful: \(attestationValue)") // Call onNext onNext() case .failure(let error): // Handle errors print("FIDO Authentication failed: \(error.localizedDescription)") // Call onNext onNext() } } ```