Realm object server and iCloud

Question

How do I use iCloud to authenticate with Realm object server?

I know I have to call login with the "iCloud token" but not being able to find how to get this token.

So far what I could find is this: FileManager.default.ubiquityIdentityToken which according to docs "contains an opaque object representing the identity of the current user". That doesn't seem to work.

Also, what is the normal workflow to use iCloud as authentication, do I show a button for this next to credentials/Facebook/Twitter login? It feels a bit weird since iOS users normally don't have to login to iCloud. Or do I login with iCloud by default and if the user logs in with another provider I logout from iCloud? That workflow feels also weird.

Thanks

Answer 1

This will fetch the access token you need to pass to SyncUser.login. No user interaction is necessary, you will get an error if the user is not signed into iCloud:

func fetchCloudKitAccessToken(completion: @escaping (_ accessToken: String?, _ error: Error?) -> Void) {
      let container = CKContainer.default()
      container.fetchUserRecordID { (recordID, error) in
          let userAccessToken = recordID?.recordName
          completion(userAccessToken, error)
      }
  }

This only needs to be done for the initial authentication, afterwards you can just use SyncUser.current.

Answer 2

In order to access CloudKit using Realm Object Server, you will need to create a public key, then connect to Apple’s CloudKit web dashboard and create a CloudKit access key for your application. These keys will be then used to configure the Realm Object Server’s CloudKit authentication module for a specific Realm.

Learn more at https://realm.io/docs/realm-object-server/#icloud

I don't think there's a "normal" workflow, everything depends on your app, but if your user has already logged in with iCloud it doesn't make sense to use another credentials.