How to pass access token to Alamofire?

Question

I am trying to pass access token in Alamofire but getting confuse in various methods around web.

Below are methods which we need to use.

let todosEndpoint: String = "https:url......."

let headers = [
            "Authorization": "Bearer \(token!)",
            "Content-Type": "application/X-Access-Token"
        ]
        let Auth_header    = [ "Authorization" : tokenString! ]

        Alamofire.request(todosEndpoint, method: .get, parameters: nil, encoding: JSONEncoding.default, headers: Auth_header)
            .responseJSON { response in
                print("response.request \(response.request)")  // original URL request
                print("response.response \(response.response)") // HTTP URL response
                print("response.data \(response.data)")     // server data
                print("response.result \(response.result)")

                print("response \(response)")

        }

    }

OR

let aManager = SessionManager()
        aManager.session.configuration.httpAdditionalHeaders = [
            "Authorization": "Bearer tokenString"]

OR

let headerss = [
            "Authorization": tokenString]

OR

let aManager = SessionManager()
            aManager.session.configuration.httpAdditionalHeaders = [
                "Authorization": "Basic tokenString"]

What is proper way to pass access token?

choose one. did it work? good, done. It didn't work? try another. Did it work? good. done. Oh that one didn't work either? try another one. Did THAT work? Nope? Am I out of options? yes. Stackoverflow — zerohero, Nov 25 '16 at 06:40
Unfortunately non of above is working for me? So I am not sure if I am passing token by any wrong way — New iOS Dev, Nov 25 '16 at 06:45

score 20 · Answer 1 · answered Nov 25 '16 at 11:55

Did you tried this, it's available in Alamofire documentation:

let headers: HTTPHeaders = [
    "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==",
    "Accept": "application/json"
]

Alamofire.request("https://httpbin.org/headers", headers: headers).responseJSON { response in
    debugPrint(response)
}

Another example is:

let user = "user"
let password = "password"

var headers: HTTPHeaders = [:]

if let authorizationHeader = Request.authorizationHeader(user: user, password: password) {
    headers[authorizationHeader.key] = authorizationHeader.value
}

Alamofire.request("https://httpbin.org/basic-auth/user/password", headers: headers)
    .responseJSON { response in
        debugPrint(response)
    }

One more way is:

let user = "user"
let password = "password"

let credential = URLCredential(user: user, password: password, persistence: .forSession)

Alamofire.request("https://httpbin.org/basic-auth/\(user)/\(password)")
    .authenticate(usingCredential: credential)
    .responseJSON { response in
        debugPrint(response)
    }

Tokens shouldn't be set at request level... if we have 100 apis to be called in the app, user will end up adding same code for every request.... — Satyam, May 17 '18 at 04:03
that is the correct way for authentication. it should be added in http header of each request. — Ankit Thakur, May 21 '18 at 08:12
Please cross about session manager concept in Alamofire. Alamofire has session manager, in which we have to add the token and it in-turn adds in each http header. — Satyam, May 21 '18 at 09:46

score 14 · Answer 2 · answered Nov 20 '18 at 12:32

If you are using Alamofire 4.0 or greater, you can use RequestAdapter protocol to intercept the request and inject the JWT token. This solution is perfect if you make many requests and have to use JWT in each of them.

class AccessTokenAdapter: RequestAdapter {
    private let accessToken: String
    private let prefix: String

    public init(accessToken: String, prefix: String) {
        self.accessToken = accessToken
        self.prefix = prefix
    }

    public func adapt(_ urlRequest: URLRequest) throws -> URLRequest {
        var urlRequest = urlRequest

        if let urlString = urlRequest.url?.absoluteString, urlString.hasPrefix(prefix) {
            urlRequest.setValue("Bearer " + accessToken, forHTTPHeaderField: "Authorization")
        }

        return urlRequest
    }
}

Somewhere in the class you initialize the SessionManager like this:

var sessionManager = SessionManager()
sessionManager.adapter = AccessTokenAdapter(accessToken: token, prefix: "https://protected.api.com")

And you use it whenever you want to:

sessionManager.request(MyRouter.getCustomData()).responseArray { (response: DataResponse<[CustomData]>) in

        if response.result.isSuccess {
            self.array = response.result.value ?? []
        } else {
            print(response.debugDescription)
        }
    }

score 6 · Answer 3 · answered Nov 15 '17 at 13:43

It can be done by using Alamofire in following way:

    let url: String = "https:url......."
    var request = URLRequest(url:  NSURL(string: url)! as URL)

    // Your request method type Get or post etc according to your requirement
    request.httpMethod = "POST"

    request.setValue("Bearer \(token)", forHTTPHeaderField: "Authorization")
    request.setValue("application/json", forHTTPHeaderField: "Content-Type")

    // Your required parameter in case of Post request
    let parameters: [String: Any] = ["paramter1": "vaue1"]

    request.httpBody = try! JSONSerialization.data(withJSONObject: parameters )

    Alamofire.request(request).responseJSON { (responseObject) -> Void in

      // Your required functionality here            

    }

Mitul Marsoniya · Answer 4 · 2016-11-25T10:30:50.487

1

I'm using look like this :-

let username = "Tuser"
let password = "Tpassword"
let credentialData = "\(username):\(password)".data(using: String.Encoding.utf8)!
let base64Credentials = credentialData.base64EncodedString(options: [])
let headers = ["Authorization": "Basic \(base64Credentials)"]

OR

let headers    = [ "Authorization" : token ]

edited Nov 25 '16 at 10:30

answered Nov 25 '16 at 07:53

Mitul Marsoniya

5,272
4
33
57

what is username and password in your answer...is this required? I only want to pass access token – New iOS Dev Nov 25 '16 at 09:40
Backend(API) developer give you userName and Password. This called Basic Authentication. – Mitul Marsoniya Nov 25 '16 at 09:54
I am getting access token in login api success which I am passing for every after login api...in AFNetworking I was doing same and never asked for username and password to backend team..is this required in Alamofire? – New iOS Dev Nov 25 '16 at 10:23
Okay i have update answer. your second or option is work in this. – Mitul Marsoniya Nov 25 '16 at 10:32

How to pass access token to Alamofire?

4 Answers4

Linked