iOS/Rails OAuth Flow

Alex Egg

Do you want to remove friction from your user onboarding by adding Facebook login to your app? This can be an appealing feature, as users can sign up w/o typing an email, password and password confirmation on a mobile device keyboard.

I couldn’t find any well-defined patterns or examples to do this w/ iOS/Rails, so I thought I would document it here. Thus: a simple OAuth flow (Facebook/Twitter) for an iOS client and a Rails server.


The iOS client initiates the process by starting the OAuth flow between the mobile client and Facebook. This is well described by the Facebook docs, and they even provide a turn-key login button solution. The end result is that the client receives an OAuth token for the Facebook user.

Now the client must send the FB token to the server, which uses it to query the Facebook Graph API and get back some user info. We then look up a user in the DB using the Facebook user id. If there is a match, we log the user in by returning an app token to the client. If no user can be found using the data from the Graph API call, that implies this is a new user signing up, so we create the user and return the app token to the client.

The client now uses this app token to communicate w/ the API.
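The server side of this exchange, as an added example that is not code from the original post. It adds one check the post does not describe: before trusting the token, it asks the Graph API `debug_token` endpoint whether the token is valid and was issued to this app. `TokenExchange`, `graph`, `users`, `FAKE_GRAPH` and `demo_exchange` are hypothetical names, and the Graph responses are constructed so the block runs offline.

```ruby
require "securerandom"

# Added example; TokenExchange, graph and users are hypothetical names.
class TokenExchange
  Rejected = Class.new(StandardError)

  # graph: callable(path, params) returning the parsed Graph API JSON.
  #        In production this wraps an HTTPS GET to graph.facebook.com.
  # users: Hash keyed by Facebook user id, standing in for the users table.
  def initialize(graph:, users:, app_id:, app_access_token:)
    @graph, @users, @app_id, @app_access_token = graph, users, app_id, app_access_token
  end

  # Returns { user:, created: } or raises Rejected.
  def call(fb_token)
    # Ask Facebook who the token was issued to before trusting it.
    info = @graph.call("/debug_token", input_token: fb_token,
                       access_token: @app_access_token).fetch("data", {})
    raise Rejected, "invalid or expired token" unless info["is_valid"]
    raise Rejected, "token issued to a different app" unless info["app_id"] == @app_id

    # Graph API lookup described in the post.
    me = @graph.call("/me", fields: "id,name", access_token: fb_token)
    raise Rejected, "user id mismatch" unless me["id"] == info["user_id"]

    # Match on Facebook user id: existing user logs in, otherwise sign up.
    created = !@users.key?(me["id"])
    user = (@users[me["id"]] ||= { facebook_id: me["id"], name: me["name"] })
    user[:app_token] = SecureRandom.hex(32) # opaque token returned to the client
    { user: user, created: created }
  end
end

# Constructed Graph API responses so the example runs offline.
FAKE_GRAPH = lambda do |path, params|
  token = params[:input_token] || params[:access_token]
  app = token == "tok-other-app" ? "999" : "123"
  if path == "/debug_token"
    { "data" => { "is_valid" => token != "tok-expired", "app_id" => app, "user_id" => "42" } }
  else
    { "id" => "42", "name" => "Constructed User" }
  end
end

def demo_exchange(fb_token, users = {})
  TokenExchange.new(graph: FAKE_GRAPH, users: users, app_id: "123",
                    app_access_token: "123|constructed-secret").call(fb_token)
end
```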


This flow is similar to the method that the omniauth-facebook gem uses to do FB OAuth w/ Rails.



Last edited by Alex Egg, 2016-10-05 19:03:58