Free trial *Internet Service Required
  • On the page (jump to):

Get started with authentication in Mobile Services

Windows Store C# Windows Store JavaScript Windows Phone 8 iOS Android HTML

This topic shows you how to authenticate users in Windows Azure Mobile Services from your app. In this tutorial, you add authentication to the quickstart project using an identity provider that is supported by Mobile Services. After being successfully authenticated and authorized by Mobile Services, the user ID value is displayed.

This tutorial walks you through these basic steps to enable authentication in your app:

  1. Register your app for authentication and configure Mobile Services
  2. Restrict table permissions to authenticated users
  3. Add authentication to the app

This tutorial is based on the Mobile Services quickstart. You must also first complete the tutorial Get started with Mobile Services.

Completing this tutorial requires XCode 4.5 and iOS 5.0 or later versions.

Register your appRegister your app for authentication and configure Mobile Services

To be able to authenticate users, you must register your app with an identity provider. You must then register the provider-generated client secret with Mobile Services.

  1. Log on to the Windows Azure Management Portal, click Mobile Services, and then click your mobile service.

  2. Click the Dashboard tab and make a note of the Site URL value.

    You may need to provide this value to the identity provider when you register your app.

  3. Choose a supported identity provider from the list below and follow the steps to register your app with that provider:

    Remember to make a note of the client identity and secret values generated by the provider.

    Security Note

    The provider-generated secret is an important security credential. Do not share this secret with anyone or distribute it with your app.

  4. Back in the Management Portal, click the Identity tab, enter the app identifier and shared secret values obtained from your identity provider, and click Save.

Both your mobile service and your app are now configured to work with your chosen authentication provider.

Restrict permissionsRestrict permissions to authenticated users

  1. In the Management Portal, click the Data tab, and then click the TodoItem table.

  2. Click the Permissions tab, set all permissions to Only authenticated users, and then click Save. This will ensure that all operations against the TodoItem table require an authenticated user. This also simplifies the scripts in the next tutorial because they will not have to allow for the possibility of anonymous users.

  3. In Xcode, open the project that you created when you completed the tutorial Get started with Mobile Services.

  4. Press the Run button to build the project and start the app in the iPhone emulator; verify that an unhandled exception with a status code of 401 (Unauthorized) is raised after the app starts.

    This happens because the app attempts to access Mobile Services as an unauthenticated user, but the TodoItem table now requires authentication.

Next, you will update the app to authenticate users before requesting resources from the mobile service.

Add authenticationAdd authentication to the app

  1. Open the project file QSTodoListViewController.m and in the viewDidLoad method, remove the following code that reloads the data into the table:

    [self refresh];

  2. Just after the viewDidLoad method, add the following code:

    - (void)viewDidAppear:(BOOL)animated
{
    MSClient *client = self.todoService.client;


if (client.currentUser != nil) {
    return;
}


[client loginWithProvider:@"facebook" controller:self animated:YES completion:^(MSUser *user, NSError *error) {
    [self refresh];
}];


}
    Note

    If you are using an identity provider other than Facebook, change the value passed to loginWithProvider above to one of the following:microsoftaccount,facebook,twitter, orgoogle.

  3. Press the Run button to build the project, start the app in the iPhone emulator, then log-on with your chosen identity provider.

    When you are successfully logged-in, the app should run without errors, and you should be able to query Mobile Services and make updates to data.

Next steps

In the next tutorial, Authorize users with scripts, you will take the user ID value provided by Mobile Services based on an authenticated user and use it to filter the data returned by Mobile Services.

Rss Newsletter