In Authorization Services Programming Guide, it takes the Factored Applications as an example that is using pre-authorization and authorization together.
However, I didn't fully understand the exact difference between Pre-authorization and Authorization. Why I need to do pre-auth (rather than auth) in the application side before creating the external authorization reference?
If you ignore the existing of the pre-authorisation concept for the moment, things work as follows. The right specification has a timeout, which is the maximum age of a credential that will satisfy the right. If that’s 0, the right can only be satisfied by freshly acquired credentials, meaning that it always presents an authorisation UI to the user.
Pre-authorisation changes this as follows:
The pre-authorisation triggers the UI, gets the necessary credentials, and satisfies the right
It remembers that it satisfied the right
Later on, when you do the normal authorisation, it uses that fact to allow the normal authorisation to succeed without triggering the UI
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"