Framework

LocalAuthentication

Authenticate users biometrically or with a passphrase they already know.

Overview

Many users rely on biometric authentication like Face ID or Touch ID to enable secure, effortless access to their devices. As a fallback option, and for devices without biometry, a passcode or password serves a similar purpose. Use the LocalAuthentication framework to leverage these mechanisms in your app and extend authentication procedures your app already implements.

Diagram showing the relationship between your app operating in user space, the LocalAuthentication framework in the operating system, and the Secure Enclave.

To maximize security, your app never gains access to any of the underlying authentication data. You can’t access any fingerprint images, for example. The Secure Enclave, a hardware-based security processor isolated from the rest of the system, manages this data out of reach even of the operating system. Instead, you specify a particular policy and provide messaging that tells the user why you want them to authenticate. The framework then coordinates with the Secure Enclave to carry out the operation. Afterward, you receive only a Boolean result indicating authentication success or failure.

Topics

First Steps

Logging a User into Your App with Face ID or Touch ID

Supplement your own authentication scheme with biometric authentication, making it easy for users to access sensitive parts of your app.

Authentication and Access

class LAContext

A mechanism for evaluating authentication policies and access controls.

Accessing Keychain Items with Face ID or Touch ID

Protect a keychain item with biometric authentication.

Errors

struct LAError

Errors issued by the LocalAuthentication framework.

Property List Keys

Property List Key NSFaceIDUsageDescription

A message that tells the user why the app is requesting the ability to authenticate with Face ID.