I have an API that returns an access token upon successful authentication (username, password). I am building an iOS app that authenticates with this API. Where would be the most appropriate place to store this access token, and how would I implement it? It seems that NSUserDefaults would be pretty easy to use, but it seems intended for storing user preferences.
Asked
Active
Viewed 131 times
0
Andrew
- 227,796
- 193
- 515
- 708
1 Answers
2
Any sensitive data should be stored in keychain. You are correct, NSUserDefaults is easy for a hacker to read. Take a look at https://github.com/soffes/sskeychain.
A more barebones approach is to use the wrapper apple provides. https://developer.apple.com/library/ios/samplecode/GenericKeychain/Listings/Classes_KeychainItemWrapper_h.html
This shows more of the implementation, but requires some tedious code.
Also if you're using swift. https://github.com/deniskr/KeychainSwiftAPI
patrick.ryan93
- 151
- 7