Class

LAContext

A mechanism for evaluating authentication policies and access controls.

Declaration

@interface LAContext : NSObject

Overview

You use an authentication context to evaluate the user’s identity, either with biometrics like Touch ID or Face ID, or by supplying the device passcode. The context handles user interaction, and also interfaces to the Secure Enclave, the underlying hardware element that manages biometric data. You create and configure the context, and ask it to carry out the authentication. You then receive an asynchronous callback, which provides an indication of authentication success or failure, and an error instance that explains the reason for a failure, if any.

Topics

Checking Availability

- canEvaluatePolicy:error:

Assesses whether authentication can proceed for a given policy.

LAPolicy

The set of available local authentication policies.

biometryType

The type of biometric authentication supported by the device.

LABiometryType

The set of available biometric authentication types.

Evaluating Authentication Policies

- evaluatePolicy:localizedReason:reply:

Evaluates the specified policy.

evaluatedPolicyDomainState

The current state of the evaluated policy domain.

maxBiometryFailures

The number of biometric authentication failures after which the context falls back to another mechanism.

Deprecated

Evaluating Access Controls

- evaluateAccessControl:operation:localizedReason:reply:

Evaluates an access control for a given operation.

LAAccessControlOperation

Operations to be evaluated for access control.

interactionNotAllowed

A Boolean value indicating whether authentication can be interactive.

Customizing Authentication Prompts

localizedReason

The localized explanation for authentication shown in the dialog presented to the user.

localizedFallbackTitle

The localized title for the fallback button in the dialog presented to the user during authentication.

localizedCancelTitle

The localized title for the cancel button in the dialog presented to the user during authentication.

Reusing Device Unlock State

touchIDAuthenticationAllowableReuseDuration

The duration for which Touch ID authentication reuse is allowable.

LATouchIDAuthenticationMaximumAllowableReuseDuration

The maximum allowable reuse duration.

Managing Credentials

- setCredential:type:

Sets an application-provided credential to be used when evaluating authentication.

- isCredentialSet:

Returns a Boolean value indicating whether the specified credential type is set.

LACredentialType

The types of credentials to be used for authentication.

Invalidating the Authentication Context

- invalidate

Invalidates the authentication context.

Relationships

Inherits From

See Also

Authentication and Access

Accessing Keychain Items with Face ID or Touch ID

Protect a keychain item with biometric authentication.