Authentication

After SDK is initialized, you need to login to Pango platform to be able to start VPN. Available login options may depend on platform setup for your organization.

Available Authentication Methods

Authorization types available (AuthMethod in API reference):

Anonymous - Allows to login without authentication.
Custom - Custom auth. If you are using custom authentication scheme.
Facebook - Authenticate with Facebook SDK.
Google - Authenticate with Google SDK.
Twitter - Authenticate with Twitter SDK.
Github - Authenticate with GitHub SDK.
Firebase - Authenticate with Firebase SDK.
Pango - Authenticate with Pango.
OAuth - OAuth flow should be implemented by your application.

All methods require token passed except Anonymous.

Custom Authentication

Custom Authentication allows you to integrate your existing authentication system with our cloud platform. Instead of using a predefined authentication method such as google, facebook, or oauth, you can pass a custom string identifier to indicate your preferred authentication mechanism.

To implement Custom Authentication:

Replace the authentication method enum value with a string that uniquely identifies your authentication system, such as your company name or a specific identifier.
Obtain a token from your authentication system.
Pass this custom string and the token received from your authentication system as parameters to the login(method: AuthMethod, completion: @escaping UserCompletion) method.

Example:

import VPNApplicationSDK
// ...
let unifiedSDK: ManualSwitchingVPNSDK // or AutoSwitchingVPNSDK
// ...
let authMethod = AuthMethod(type: .custom("IDENTIFIER"), token: "TOKEN")
unifiedSDK.login(method: authMethod) { error, user in
    print("isLogged: \(error == nil)")
}

Anonymous Authentication

If anonymous login is enabled for your organization you don't need to set token. Login example:

import VPNApplicationSDK
// ...
let unifiedSDK: ManualSwitchingVPNSDK // or AutoSwitchingVPNSDK
// ...
let authMethod = AuthMethod.anonymous()
unifiedSDK.login(method: authMethod) { error, user in
    print("isLogged: \(error == nil)")
}

OAuth Authentication

If you are using OAuth authentication, provide your own OAuth dialogs UI and receive OAuth access token.

Steps:

Deploy and configure the OAuth service. Ensure that the service is publicly available on the Internet.
Configure the Partner Backend to use the OAuth service.
Implement client OAuth for your application.
Retrieve the access token in the client app. This token will be used to initialize and sign in.

import VPNApplicationSDK
// ...
let unifiedSDK: ManualSwitchingVPNSDK // or AutoSwitchingVPNSDK
// ...
let authMethod = AuthMethod(type: .oauth, token: "OAUTH_TOKEN")
unifiedSDK.login(method: authMethod) { error, user in
    print("isLogged: \(error == nil)")
}

Token Considerations

When you login with token, you don't need to refresh it, it can be re-used. However it can be invalidated for some reason (login with same device id...etc).

In case you receive one of following errors:

PartnerAPI.APIError.notAuthorized - The token of user is invalid/expired.
PartnerAPI.APIError.unauthorized - This user is unauthorized or login operation is still pending.

then you need to initiate login again, and call SDK login(method: AuthMethod, completion: @escaping UserCompletion) again with new token.

References

For more information on authentication methods, please refer to the AuthMethod reference documentation.

PreviousDeferred VPN Service Initialization NextWireguard Transport

Last updated 1 month ago

Was this helpful?