Amplify has re-imagined the way frontend developers build fullstack applications. Develop and deploy without the hassle.

Fullstack TypeScript

Write your app's data model, auth, storage, and functions in TypeScript; Amplify will do the rest.

Built with the AWS CDK

Use any cloud resource your app needs. Never worry about scale.

Learn more

Choose your framework/language

v1v2
Edit on GitHub

Page updated Feb 21, 2024

Accessing credentials

Amplify iOS v1 is now in Maintenance Mode until May 31st, 2024. This means that we will continue to include updates to ensure compatibility with backend services and security. No new features will be introduced in v1.

Please use the latest version (v2) of Amplify Library for Swift to get started.

If you are currently using v1, follow these instructions to upgrade to v2.

Amplify libraries should be used for all new cloud connected applications. If you are currently using the AWS Mobile SDK for iOS, you can access the documentation here.

An intentional decision with Amplify Auth was to avoid any public methods exposing credentials or manipulating them.

With Auth, you simply sign in and it handles everything else needed to keep the credentials up to date and vend them to the other categories.

However, if you need to access them in relation to working with an API outside Amplify or want access to AWS specific identifying information (e.g. IdentityId), you can access these implementation details by casting the result of fetchAuthSession as follows:

import AWSPluginsCore


Amplify.Auth.fetchAuthSession { result in
    do {
        let session = try result.get()


        // Get user sub or identity id
        if let identityProvider = session as? AuthCognitoIdentityProvider {
            let usersub = try identityProvider.getUserSub().get()
            let identityId = try identityProvider.getIdentityId().get()
            print("User sub - \(usersub) and identity id \(identityId)")
        }


        // Get AWS credentials
        if let awsCredentialsProvider = session as? AuthAWSCredentialsProvider {
            let credentials = try awsCredentialsProvider.getAWSCredentials().get()
            // Do something with the credentials
        }


        // Get cognito user pool token
        if let cognitoTokenProvider = session as? AuthCognitoTokensProvider {
            let tokens = try cognitoTokenProvider.getCognitoTokens().get()
            // Do something with the Cognito tokens
        }


    } catch {
        print("Fetch auth session failed with error - \(error)")
    }
}

If you have enabled guest user in Cognito Identity Pool and no user is signed in, you will be able to access only identityId and AWS credentials. All other session details will give you an error.

import AWSPluginsCore


Amplify.Auth.fetchAuthSession { result in
    do {
        let session = try result.get()


        // Get identity id
        if let identityProvider = session as? AuthCognitoIdentityProvider {
            let identityId = try identityProvider.getIdentityId().get()
            print("Identity id \(identityId)")
        }


        // Get AWS credentials
        if let awsCredentialsProvider = session as? AuthAWSCredentialsProvider {
            let credentials = try awsCredentialsProvider.getAWSCredentials().get()
            // Do something with the credentials
        }


    } catch {
        print("Fetch auth session failed with error - \(error)")
    }
}
Site color mode

Amplify open source software, documentation and community are supported by Amazon Web Services.

© 2024, Amazon Web Services, Inc. and its affiliates.

All rights reserved. View the site terms and privacy policy.

Flutter and the related logo are trademarks of Google LLC. We are not endorsed by or affiliated with Google LLC.