Name:
interface
Value:
Amplify has re-imagined the way frontend developers build fullstack applications. Develop and deploy without the hassle.

Fullstack TypeScript

Write your app's data model, auth, storage, and functions in TypeScript; Amplify will do the rest.

Built with the AWS CDK

Use any cloud resource your app needs. Never worry about scale.

Back to Gen 1 DocsLearn more about Gen 2

Choose your framework/language

Edit on GitHub

Page updated Dec 2, 2024

Sign-in

Amplify provides a client library that enables you to interact with backend resources such as Amplify Auth.

The quickest way to get started with Amplify Auth in your frontend application is with the Authenticator component, which provides a customizable UI and complete authentication flows.

Using the signIn API

func signIn(username: String, password: String) async {
    do {
        let signInResult = try await Amplify.Auth.signIn(
            username: username,
            password: password
        )
        if signInResult.isSignedIn {
            print("Sign in succeeded")
        }
    } catch let error as AuthError {
        print("Sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
func signIn(username: String, password: String) -> AnyCancellable {
    Amplify.Publisher.create {
        try await Amplify.Auth.signIn(
            username: username,
            password: password
        )
    }.sink {
        if case let .failure(authError) = $0 {
            print("Sign in failed \(authError)")
        }
    }
    receiveValue: { signInResult in
        if signInResult.isSignedIn {
            print("Sign in succeeded")
        }
    }
}

The signIn API response will include a nextStep property, which can be used to determine if further action is required. It may return the following next steps:

Next StepDescription
confirmSignInWithNewPasswordThe user was created with a temporary password and must set a new one. Complete the process with confirmSignIn.
confirmSignInWithCustomChallengeThe sign-in must be confirmed with a custom challenge response. Complete the process with confirmSignIn.
confirmSignInWithTOTPCodeThe sign-in must be confirmed with a TOTP code from the user. Complete the process with confirmSignIn.
confirmSignInWithSMSMFACodeThe sign-in must be confirmed with a SMS code from the user. Complete the process with confirmSignIn.
confirmSignInWithOTPThe sign-in must be confirmed with a code from the user (sent via SMS or Email). Complete the process with confirmSignIn.
confirmSignInWithPasswordThe user must set a new password. Complete the process with confirmSignIn.
continueSignInWithFirstFactorSelectionThe user must select their preferred mode of First Factor authentication. Complete the process with confirmSignIn.
continueSignInWithMFASelectionThe user must select their mode of MFA verification before signing in. Complete the process with confirmSignIn.
continueSignInWithMFASetupSelectionThe user must select their mode of MFA verification to setup. Complete the process by passing either MFAType.email.challengeResponse or MFAType.totp.challengeResponse to confirmSignIn.
continueSignInWithTOTPSetupThe TOTP setup process must be continued. Complete the process with confirmSignIn.
continueSignInWithEmailMFASetupThe EMAIL setup process must be continued. Complete the process by passing a valid email address to confirmSignIn.
resetPasswordThe user must reset their password via resetPassword.
confirmSignUpThe user hasn't completed the sign-up flow fully and must be confirmed via confirmSignUp.
doneThe sign in process has been completed.

For more information on handling the MFA steps that may be returned, see multi-factor authentication.

func confirmSignIn() async {
    do {
        let signInResult = try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
        print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
    } catch let error as AuthError {
        print("Confirm sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
func confirmSignIn() -> AnyCancellable {
    Amplify.Publisher.create {
        try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
    }.sink {
            if case let .failure(authError) = $0 {
                print("Confirm sign in failed \(authError)")
            }
        }
        receiveValue: { signInResult in
            print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
        }
}

With multi-factor auth enabled

When you have Email or SMS MFA enabled, Cognito will send messages to your users on your behalf. Email and SMS messages require that your users have email address and phone number attributes respectively. It is recommended to set these attributes as required in your user pool if you wish to use either Email MFA or SMS MFA. When these attributes are required, a user must provide these details before they can complete the sign up process.

If you have set MFA to be required and you have activated more than one authentication factor, Cognito will prompt new users to select an MFA factor they want to use. Users must have a phone number to select SMS and an email address to select email MFA.

If a user doesn't have the necessary attributes defined for any available message based MFA, Cognito will prompt them to set up TOTP.

Visit the multi-factor authentication documentation to learn more about enabling MFA on your backend auth resource.

func signUp(username: String, password: String, email: String, phonenumber: String) async {
    let userAttributes = [AuthUserAttribute(.email, value: email), AuthUserAttribute(.phoneNumber, value: phonenumber)]
    let options = AuthSignUpRequest.Options(userAttributes: userAttributes)


    do {
        let signUpResult = try await Amplify.Auth.signUp(
            username: username,
            password: password,
            options: options
        )


        if case let .confirmUser(deliveryDetails, _, userId) = signUpResult.nextStep {
            print("Delivery details \(String(describing: deliveryDetails)) for userId: \(String(describing: userId)))")
        } else {
            print("SignUp Complete")
        }
    } catch let error as AuthError {
        print("An error occurred while registering a user \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
func signUp(username: String, password: String, email: String, phonenumber: String) -> AnyCancellable {
    let userAttributes = [
        AuthUserAttribute(.email, value: email),
        AuthUserAttribute(.phoneNumber, value: phonenumber)
    ]
    let options = AuthSignUpRequest.Options(userAttributes: userAttributes)
    Amplify.Publisher.create {
        try await Amplify.Auth.signUp(
            username: username,
            password: password,
            options: options
        )
    }.sink {
        if case let .failure(authError) = $0 {
            print("An error occurred while registering a user \(authError)")
        }
    }
    receiveValue: { signUpResult in
        if case let .confirmUser(deliveryDetails, _, userId) = signUpResult.nextStep {
            print("Delivery details \(String(describing: deliveryDetails)) for userId: \(String(describing: userId)))")
        } else {
            print("SignUp Complete")
        }
    }
    return sink
}

Confirm sign-in

Following sign in, you will receive a nextStep in the sign-in result of one of the following types. Collect the user response and then pass to the confirmSignIn API to complete the sign in flow.

Next StepDescription
confirmSignInWithTOTPCodeThe sign-in must be confirmed with a TOTP code from the user. Complete the process with confirmSignIn.
confirmSignInWithSMSMFACodeThe sign-in must be confirmed with a SMS code from the user. Complete the process with confirmSignIn.
confirmSignInWithOTPThe sign-in must be confirmed with a code from the user (sent via SMS or Email). Complete the process with confirmSignIn.
confirmSignInWithPasswordThe user must set a new password. Complete the process with confirmSignIn.
continueSignInWithFirstFactorSelectionThe user must select their preferred mode of First Factor authentication. Complete the process with confirmSignIn.
continueSignInWithMFASelectionThe user must select their mode of MFA verification before signing in. Complete the process with confirmSignIn.
continueSignInWithMFASetupSelectionThe user must select their mode of MFA verification to setup. Complete the process by passing either MFAType.email.challengeResponse or MFAType.totp.challengeResponse to confirmSignIn.
continueSignInWithTOTPSetupThe TOTP setup process must be continued. Complete the process with confirmSignIn.
continueSignInWithEmailMFASetupThe EMAIL setup process must be continued. Complete the process by passing a valid email address to confirmSignIn.

Note: you must call confirmSignIn in the same app session as you call signIn. If you close the app, you will need to call signIn again. As a result, for testing purposes, you'll at least need an input field where you can enter the code sent via SMS and pass it to confirmSignIn.

func confirmSignIn() async {
    do {
        let signInResult = try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
        print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
    } catch let error as AuthError {
        print("Confirm sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
func confirmSignIn() -> AnyCancellable {
    Amplify.Publisher.create {
        try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
    }.sink {
            if case let .failure(authError) = $0 {
                print("Confirm sign in failed \(authError)")
            }
        }
        receiveValue: { signInResult in
            print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
        }
}

Sign in with an external identity provider

To sign in using an external identity provider such as Google, use the signInWithWebUI function.

Update Info.plist

Sign-in with web UI requires the Amplify plugin to show up the sign-in UI inside a webview. After the sign-in process is complete it will redirect back to your app. You have to enable this in your app's Info.plist. Right click Info.plist and then choose Open As > Source Code. Add the following entry in the URL scheme:

<plist version="1.0">


     <dict>
     <!-- YOUR OTHER PLIST ENTRIES HERE -->


     <!-- ADD AN ENTRY TO CFBundleURLTypes for Cognito Auth -->
     <!-- IF YOU DO NOT HAVE CFBundleURLTypes, YOU CAN COPY THE WHOLE BLOCK BELOW -->
     <key>CFBundleURLTypes</key>
     <array>
         <dict>
             <key>CFBundleURLSchemes</key>
             <array>
                 <string>myapp</string>
             </array>
         </dict>
     </array>


     <!-- ... -->
     </dict>

When creating a new SwiftUI app using Xcode 13 no longer require configuration files such as the Info.plist. If you are missing this file, click on the project target, under Info, Url Types, and click '+' to add a new URL Type. Add myapp to the URL Schemes. You should see the Info.plist file now with the entry for CFBundleURLSchemes.

Launch Social Web UI Sign In

Invoke the following API with the provider you're using (shown with Facebook below):

func socialSignInWithWebUI() async {
    do {
        let signInResult = try await Amplify.Auth.signInWithWebUI(for: .facebook, presentationAnchor: self.view.window!)
        if signInResult.isSignedIn {
            print("Sign in succeeded")
        }
    } catch let error as AuthError {
        print("Sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
func socialSignInWithWebUI() -> AnyCancellable {
    Amplify.Publisher.create {
        try await Amplify.Auth.signInWithWebUI(for: .facebook, presentationAnchor: self.view.window!)
        }.sink {
            if case let .failure(authError) = $0 {
                print("Sign in failed \(authError)")
            }
        }
        receiveValue: { signInResult in
            if signInResult.isSignedIn {
                print("Sign in succeeded")
            }
        }
}

Sign in with passwordless methods

Your application's users can also sign in using passwordless methods. To learn more, visit the concepts page for passwordless.

SMS OTP

// sign in with `smsOTP` as preferred factor
func signIn(username: String) async {
    do {
        let pluginOptions = AWSAuthSignInOptions(
                authFlowType: .userAuth(preferredFirstFactor: .smsOTP))
        let signInResult = try await Amplify.Auth.signIn(
            username: username,
            options: .init(pluginOptions: pluginOptions))
        print("Sign in succeeded. Next step: \(signInResult.nextStep)")
    } catch let error as AuthError {
        print("Sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}


// confirm sign in with the code received
func confirmSignIn() async {
    do {
        let signInResult = try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
        print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
    } catch let error as AuthError {
        print("Confirm sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
// sign in with `smsOTP` as preferred factor
func signIn(username: String) -> AnyCancellable {
    Amplify.Publisher.create {
        let pluginOptions = AWSAuthSignInOptions(
                authFlowType: .userAuth(preferredFirstFactor: .smsOTP))
        try await Amplify.Auth.signIn(
            username: username,
            options: .init(pluginOptions: pluginOptions))
    }.sink {
        if case let .failure(authError) = $0 {
            print("Sign in failed \(authError)")
        }
    }
    receiveValue: { signInResult in
        print("Sign in succeeded. Next step: \(signInResult.nextStep)")
    }
}


// confirm sign in with the code received
func confirmSignIn() -> AnyCancellable {
    Amplify.Publisher.create {
        try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
    }.sink {
        if case let .failure(authError) = $0 {
            print("Confirm sign in failed \(authError)")
        }
    }
    receiveValue: { signInResult in
        print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
    }
}

Email OTP

// sign in with `emailOTP` as preferred factor
func signIn(username: String) async {
    do {
        let pluginOptions = AWSAuthSignInOptions(
                authFlowType: .userAuth(preferredFirstFactor: .emailOTP))
        let signInResult = try await Amplify.Auth.signIn(
            username: username,
            options: .init(pluginOptions: pluginOptions))
        print("Sign in succeeded. Next step: \(signInResult.nextStep)")
    } catch let error as AuthError {
        print("Sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}


// confirm sign in with the code received
func confirmSignIn() async {
    do {
        let signInResult = try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
        print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
    } catch let error as AuthError {
        print("Confirm sign in failed \(error)")
    } catch {
        print("Unexpected error: \(error)")
    }
}
// sign in with `emailOTP` as preferred factor
func signIn(username: String) -> AnyCancellable {
    Amplify.Publisher.create {
        let pluginOptions = AWSAuthSignInOptions(
                authFlowType: .userAuth(preferredFirstFactor: .emailOTP))
        try await Amplify.Auth.signIn(
            username: username,
            options: .init(pluginOptions: pluginOptions))
    }.sink {
        if case let .failure(authError) = $0 {
            print("Sign in failed \(authError)")
        }
    }
    receiveValue: { signInResult in
        print("Sign in succeeded. Next step: \(signInResult.nextStep)")
    }
}


// confirm sign in with the code received
func confirmSignIn() -> AnyCancellable {
    Amplify.Publisher.create {
        try await Amplify.Auth.confirmSignIn(challengeResponse: "<confirmation code received via SMS>")
    }.sink {
        if case let .failure(authError) = $0 {
            print("Confirm sign in failed \(authError)")
        }
    }
    receiveValue: { signInResult in
        print("Confirm sign in succeeded. Next step: \(signInResult.nextStep)")
    }
}

WebAuthn Passkeys

PREVIOUS
Sign-up
NEXT
Switching authentication flows
Site color mode

Amplify open source software, documentation and community are supported by Amazon Web Services.

© 2024, Amazon Web Services, Inc. and its affiliates.

All rights reserved. View the site terms and privacy policy.

Flutter and the related logo are trademarks of Google LLC. We are not endorsed by or affiliated with Google LLC.