Implementing Authentication for the Mobile Safari Extension
2 min
\<font color="#6b21a8">overview\</font> the authentication flow for the wildfire mobile safari extension is unique because the extension itself does not perform authentication unlike desktop browser extensions that might use an oauth web flow, ios architecture prevents safari extensions from directly accessing the native host app's internal data or apis to overcome this, authentication relies entirely on a shared data layer between your native ios app and the safari extension \<font color="#6b21a8">step 1 authenticate the user in your native app\</font> because the extension does not handle logins, your user will simply log into your existing ios application (the host app) using your standard authentication methods \<font color="#6b21a8">step 2 establish a shared resource\</font> to pass the user's identity from your host app to the safari extension, your ios development team must set up a shared data store to do this, you will need to enable the "app groups" entitlement in xcode, which allows your host app and the extension target to securely share userdefaults \<font color="#6b21a8">step 3 write the user identifier to the shared resource\</font> once the user successfully authenticates in your host app, your app needs to generate or retrieve their unique anonymized user identifier (ideally a uuid) the host app must then write this user id into the shared app group resource \<font color="#6b21a8">step 4 configure the native bridge (safariwebextensionhandler swift)\</font> wildfire provides a native swift bridge file (safariwebextensionhandler swift) that sits between safari and your app you will need to configure this handler to read from your shared app group when safari activates the extension, the javascript extension requests the user id from this swift handler the handler must be configured to pass the user's identifier into the get user id configuration setting once the javascript extension receives this id, it will automatically append it to the tracking links (as the tracking code or tc parameter) to ensure all merchant purchases are attributed to the correct user \<font color="#6b21a8">handling logged out states\</font> if the user logs out of your native app, your app should clear the user id from the shared resource if the user is not authenticated, the get user id setting should simply return an empty string when this value is empty, the safari extension will automatically operate in a logged out state \<font color="#6b21a8">summary of the data flow \</font> user logs into the partner's host app host app writes the user's unique id to an app group/user defaults safari activates the extension, which requests the user id from the safariwebextensionhandler the handler reads the shared resource and passes the id to the extension via get user id the extension uses the id to track purchases and attribute cash back
