Swiftly Salesforce is the Swift-est way to build native mobile apps that connect to Salesforce:
Get up and running in a few minutes:
Check out this screenshot for an example Connected App definition. Note that the checkbox for "Require Secret for Refresh Token Flow" should not be selected.
Most of your interactions with Swiftly Salesforce will be via the
ConnectedApp struct, which represents your Salesforce Connected App. For example, you could
delete Salesforce records using
ConnectedApp's relevant convenience methods.
Check out MySalesforceAccounts for a complete, working app that uses SwiftUI, Combine and Swiftly Salesforce to display the user's Salesforce account records. Though it's a relatively-trival app, it illustrates how to configure an app and quickly connect it to Salesforce. See especially MyAccountsLoader.swift, ContentView.swift and Salesforce.json.
Before you run the sample app, edit Salesforce.json and replace the temporary values for the consumer key and callback URL with those of your own Connected App.
Swiftly Salesforce will automatically manage all required Salesforce authorization flows. If Swiftly Salesforce already has a valid access token in its secure store, it will include that token in the header of every API request. If the token has expired and Salesforce rejects the request, then Swiftly Salesforce will attempt to refresh the access token without bothering the user to re-enter the username and password. If Swiftly Salesforce doesn't have a valid access token, or is unable to refresh it, then Swiftly Salesforce will direct the user to the Salesforce-hosted login form.
You could modify this default authorization behavior if you don't want your user interrupted by Salesforce's authentication form. Many methods have an argument,
allowsLogin, which is
true by default (example). But if you set
false, Swiftly Salesforce would attempt to refresh the token without interrupting the user, and if that attempt is unsuccessful the call would fail. The user would not be prompted for the username and password, and you could catch the resulting error and handle it as you see fit.