loginWebview.loadLoginWebview(reachfive: AppDelegate.reachfive())


Opens an insecure webview through the authorization endpoint:

  • If end-users have an active in-app SSO session, the authorization endpoint immediately redirects to the application.

  • If end-users do not have an active in-app SSO session, they are redirected to the client’s Login URL for authentication.

You must have configured a Login URL and enabled request orchestration tokens for your identity client.

Orchestrated flows are supported from version 1.24.0 for the Core SDK and version 1.16.0 for the UI SDK.

We recommend using the standard native login or standard webview login for iOS. Proceed with caution while using this particular method for user authentication.


import UIKit
import Foundation
import IdentitySdkCore
import BrightFutures

class LoginWKWebviewController: UIViewController {

    @IBOutlet var loginWebview: LoginWKWebview!

    override func viewWillAppear(_ animated: Bool) {
        let promise = Promise<AuthToken, ReachFiveError>()
        loginWebview.loadLoginWebview(reachfive: AppDelegate.reachfive(), promise: promise)
            .onSuccess(callback: goToProfile)
            .onFailure( error in
                let alert = AppDelegate.createAlert(title: "Login failed", message: "Error: \(error.message())")
                self.present(alert, animated: true)
You can find this example with its UI integration in the ReachFive sandbox.


To further customise the behaviour and appearance of the WKWebview, please see the ReachFive sandbox.


Parameter Description


The ReachFive AppDelegate method.


Type: Future<AuthToken, ReachFiveError>


The authentication token.


The ID token JSON Web Token (JWT) that contains the profile’s information.


The authorization credential JSON Web Token (JWT) used to access the ReachFive API.


The refresh token JSON Web Token (JWT) used to obtain new access tokens once they expire. This is only available when the offline_access scope is requested.


The type of token. Always equal to Bearer.


The lifetime in seconds of the access token.

If expiresIn is less than or equal to 0, the AuthToken is expired.

user OpenIDUser

The user’s information contained in the ID token.

id string

The identifier of the user.

name string

The full name of the user in displayable form including all name parts, possibly including titles and suffixes, ordered according to the user’s locale and preferences.

preferredUsername string

The shorthand name by which the user wishes to be referred to.

givenName string

The given name or first name of the user.

familyName string

The surname or last name of the user.

middleName string

The middle name of the user.

nickname string

The casual name of the user that may or may not be the same as the givenName

picture string

The URL of the user’s profile picture.

website string

The URL of the user’s web page or blog.

email string

The user’s preferred e-mail address.

emailVerified boolean

True if the user’s e-mail address has been verified; otherwise false.

gender string

The user’s gender.

zoneinfo string

The string from zoneinfo time zone database representing the user’s time zone.

locale string

The user’s language code in lowercase and country code in uppercase, separated by a dash.

phoneNumber string

The user’s preferred telephone number.

phoneNumberVerified boolean

true if the user’s phone number has been verified; otherwise false.

address string

The user’s preferred postal address.


Based on the problem, the ReachFiveError will be:

  • RequestError(requestErrors: RequestErrors) if it’s a bad request error.

    error string

    The main error message.

    errorId string

    The identifier of the error.

    errorUserMsg string

    The user-friendly error message.

    This property is translated according to the user’s browser settings. Currently supported languages:
    Currently supported languages
    • ar - العربية Arabic

    • de - Deutsch German

    • en - English

    • es - Español Spanish

    • fr - Français French

    • hu - Magyar Hungarian

    • it - Italiano Italian

    • jp - 日本 Japanese

    • ko - 한국인 Korean

    • nl - Nederlands Dutch

    • pt - Portuguese

    • ru - Ру́сский Russian

    • sk - Slovenský Slovak

    • zh-CN - People’s Republic of China Simplified Chinese

    • zh-Hans - Simplified Chinese

    • zh-Hant - Traditional Chinese

    • zh-HK - Hong Kong Traditional Chinese

    • zh-MO - Macao Traditional Chinese

    • zh-SG - Singapore Simplified Chinese

    • zh-TW - Taiwan Traditional Chinese

    errorMessageKey string

    The error message key.

    errorDescription string

    The technical error message.

    errorDetails FieldError[]

    field string

    The field concerned by the error.

    message string

    The message error returned for the field.

    code string

    The code error returned for the field.

    • AuthFailure(reason: String) if the authentication has failed.

    • AuthCanceled if the authentication was cancelled.

    • TechnicalError(reason: String) if it’s an internal server error.