This document describes how to integrate Kakao Login APIs into your service with the Kakao SDK for iOS.

To learn about each API in detail, refer to Concepts.

For a Kakao Login button, you can download the resources provided by Kakao or customize buttons according to your service user interface by referring to the Design Guide.

The implementation of Kakao Login using the iOS SDK is divided into three methods depending on how the user's Kakao Account is authenticated.

Consider the characteristics of each authentication method and the login flow of your service to determine which method is most suitable. You may implement both login with Kakao Talk and Kakao Account methods, or use the Select Kakao Login method to present a login selection screen. Since each method has different setup requirements and exception handling, refer to the respective development documentation.

The Login with Kakao Talk allows users to move to Kakao Talk from a service app and go back to the app when the user selects [Accept and Continue] or [Cancel] on Kakao Talk. To implement this process, you must configure these things:

1. Register Allowlist to allow Kakao Talk to run from your service app by referring to Register Allowlist.
2. Set a Custom URL Scheme used to open Kakao Talk.
3. Add the handleOpenUrl() method that asks to open the URL in the SceneDelegate.swift file to complete the login process after coming back to the service app.
4. If you use the SwiftUI App Life Cycle, add handleOpenUrl() inside the ${PROJECT_NAME}App class using onOpenURL() in the same way with initializing SDK.

import KakaoSDKAuth
...

class SceneDelegate: UIResponder, UIWindowSceneDelegate {
    ...
    func scene(_ scene: UIScene, openURLContexts URLContexts: Set<UIOpenURLContext>) {
        if let url = URLContexts.first?.url {
            if (AuthApi.isKakaoTalkLoginUrl(url)) {
                _ = AuthController.handleOpenUrl(url: url)
            }
        }
    }
    ...
}

Opens the Kakao Login page and the Consent screen to sign users in to your service with authentication information from Kakao Talk or Kakao Account.

To check if Kakao Talk is installed on a user's device, it is recommended to call isKakaoTalkLoginAvailable() first. Then, call loginWithKakaoTalk() method that runs Kakao Talk and prompts the Consent screen that asks consent. You can get consent to desired service terms by using the serviceTerms parameter.

To handle exceptions, refer to the AuthFailureReason section in the reference.

When a user consents, Kakao identifies the user with the user's Kakao Account information linked to Kakao Talk, and then issues tokens. The iOS SDK provides the issued tokens through the OAuthToken object.

The issued tokens are stored through the TokenManagerProvider class. The stored tokens are automatically added to the authorization header when calling the token-based APIs.

// Check if Kakao Talk has been installed.
if (UserApi.isKakaoTalkLoginAvailable()) {
    UserApi.shared.loginWithKakaoTalk {(oauthToken, error) in
        if let error = error {
            print(error)
        }
        else {
            print("loginWithKakaoTalk() success.")

            // Implement service logics
            _ = oauthToken
        }
    }
}

Call loginWithKakaoAccount() method that opens a default web browser and prompts the Consent screen that asks consent.

You can use the following parameters to implement additional features.

• prompts:
  • Reauthentication login
  • Log in after signing up for Kakao Account
  • Kakao Account easy login
• loginHint: Provide login hint
• serviceTerms: Get consent to desired service terms

When a user consents, Kakao identifies the user through the user's Kakao Account cookie stored on the default web browser and then issues tokens through the OAuthToken class.

UserApi.shared.loginWithKakaoAccount {(oauthToken, error) in
        if let error = error {
            print(error)
        }
        else {
            print("loginWithKakaoAccount() success.")

            // Implement service logics
             _ = oauthToken
        }
    }

Call loginWithKakao() to display a login selection screen with Login with Kakao Talk and Login with Kakao Account buttons.

The iOS SDK provides the login selection screen. When calling loginWithKakao(), pass the screen settings (landscape/portrait orientation, light/dark mode) in BridgeConfiguration.

Pass the parameter settings used for logging in with Kakao Talk and Kakao Account in LoginConfiguration.

• Talk: Settings for Login with Kakao Talk
  • launchMethod: Select the app transition method, either Custom Scheme (.CustomScheme) or Universal Link (.UniversalLink)
• Account: Settings for Login with Kakao Account
  • prompts: Used to implement Reauthentication login, Log in after signing up for Kakao Account, and Kakao Account easy login features
  • loginHint: Used to implement Provide login hint feature

The user logs in with Kakao Talk or Kakao Account depending on the selected login method. On successful login, tokens are returned. On failure, error information is provided.

// Call unified login UI with default settings
UserApi.shared.loginWithKakao(BridgeConfiguration(), loginProperties: LoginConfiguration()) { [weak self] token, error in
    if let error = error {
        print(error)
        // Handle error
        return
    }

    print("loginWithKakao() success.")
    // Implement service logics
    _ = token
}

To request additional consent, call loginWithKakaoAccount(). Pass the scopes of user information you want to request additional consent through scopes as an array of strings.

Here is an example of checking which scopes are required to get consent with the me() method and requesting additional consent by passing scopes when calling loginWithKakaoAccount().

UserApi.shared.me() { (user, error) in
    if let error = error {
        print(error)
    }
    else {

        if let user = user {

            //Add the desired scope among the list of all scopes.
            var scopes = [String]()
            if (user.kakaoAccount?.profileNeedsAgreement == true) { scopes.append("profile") }
            if (user.kakaoAccount?.emailNeedsAgreement == true) { scopes.append("account_email") }
            if (user.kakaoAccount?.birthdayNeedsAgreement == true) { scopes.append("birthday") }
            if (user.kakaoAccount?.birthyearNeedsAgreement == true) { scopes.append("birthyear") }
            if (user.kakaoAccount?.genderNeedsAgreement == true) { scopes.append("gender") }
            if (user.kakaoAccount?.phoneNumberNeedsAgreement == true) { scopes.append("phone_number") }
            if (user.kakaoAccount?.ageRangeNeedsAgreement == true) { scopes.append("age_range") }

            if scopes.count > 0 {
                // If OpenID Connect (OIDC) is enabled,
                // - When "openid" is added to `scopes`, OIDC is applied.
                // - When "openid" is not added to `scopes`, OAuth 2.0 is applied.

                // To use OIDC, add "openid" to `scopes`.
                // scopes.append("openid")

                // The tokens are refreshed for the designated scopes.
                UserApi.shared.loginWithKakaoAccount(scopes: scopes) { (_, error) in
                    if let error = error {
                        print(error)
                    }
                    else {
                        UserApi.shared.me() { (user, error) in
                            if let error = error {
                                print(error)
                            }
                            else {
                                print("me() success.")

                                // Implement service logics
                                _ = user
                            }
                        }
                    }
                }
            }
            else {
                print("Not need to get additional consent.")
            }
        }
    }
}

To request consent to specific service terms from a user, pass the list of service term tags through serviceTerms as an argument. Include at least one required service term's tag to prompt the consent screen.

// Add service_terms in a string format that includes all service terms separated by ‘,’
// ex) "tag1,tag2"
let serviceTerms = ["tag1", "tag2"]

UserApi.shared.loginWithKakaoAccount(serviceTerms: serviceTerms, completion: {(oauthToken, error) in
if let error = error {
        print(error)
    }
    else {
        print("loginWithKakaoAccount(serviceTerms:) success.")
        // Implement service logics
        _ = oauthToken
    }
})

You can request reauthentication regardless of a user's login status to enhance security. Set prompts to .LOGIN, and pass it when calling loginWithKakaoAccount(). Then, the login screen is prompted even though a user has already been logged in on the same web browser on the device.

UserApi.shared.loginWithKakaoAccount(prompts:[.Login]) {(oauthToken, error) in
    if let error = error {
        print(error)
    }
    else {
        print("loginWithKakaoAccount() success.")

        // Implement service logics
        _ = oauthToken

    }
}

For services using OpenID Connect, if OpenID Connect activation is enabled, an ID token is issued along with the authorization code without requiring additional parameters. When using OpenID Connect, it is recommended to use the nonce parameter to prevent ID token replay attacks. However, when making a Request additional consent request, the scope parameter must include openid for the ID token to be reissued. (Refer to: Scope parameter in the Get authorization code API)

You can request to prompt the Kakao Account sign-up page before Kakao Login. Set prompts to .Create, and pass it when calling loginWithKakaoAccount(). The Kakao Login consent screen will be present after signing up for Kakao Account.

UserApi.shared.loginWithKakaoAccount(prompts:[.Create]) {(oauthToken, error) in
    if let error = error {
        print(error)
    }
    else {
        print("loginWithKakaoAccount() success.")

        // Implement service logics
        _ = oauthToken

    }
}

To fill in the ID automatically, use the loginHint parameter. The value of the loginHint parameter will be entered in the Kakao Account login page.

UserApi.shared.loginWithKakaoAccount (loginHint: "${HINT}")  {(oauthToken, error) in
        if let error = error {
            print(error)
        }
        else {
            print("loginWithKakaoAccount() success.")

            // Implement service logics
            _ = oauthToken
        }
    }

To request Kakao Account easy login, set the prompt parameter to SelectAccount.

UserApi.shared.loginWithKakaoAccount(prompts:[.SelectAccount]) {(oauthToken, error) in
    if let error = error {
        print(error)
    }
    else {
        print("loginWithKakaoAccount() success.")

        // Implement service logics
        _ = oauthToken

    }
}

Checks if a user has obtained an access token through Kakao Login.

Call hasToken().

This API returns the presence of an access token or refresh token as a boolean type. However, note that the return value true does not guarantee that the user is in a logged-in state.

If the value false is returned, it means that a token does not exist. In this case, implement a process for a user to log in to issue a token. On the other hand, if the return value is true, you can validate the access token that the user has through the accessTokenInfo() method in UserApi, and then proceed as follows depending on the request result:

• If the request is successful, the access token information is returned,
  • Access token is valid, which means the user does not need to log in.
  • You can call the Kakao APIs with the access token.
• If an error occurs,
  • Access and refresh tokens are invalid, which means the user needs to log in.
  • You need to handle errors by referring to the reference.

if (AuthApi.hasToken()) {
    UserApi.shared.accessTokenInfo { (_, error) in
        if let error = error {
            if let sdkError = error as? SdkError, sdkError.isInvalidTokenError() == true  {
                //Login is required.
            }
            else {
                //Handle other errors.
            }
        }
        else {
            //Succeeded in validating token (Token is refreshed if needed).
        }
    }
}
else {
    //Login is required.
}

Retrieves the validity period of the access and refresh tokens in seconds, app ID and service user ID.

Call accessTokenInfo().

Refer to REST API for detailed response information.

// Retrieve the expiration time of the access token.
UserApi.shared.accessTokenInfo {(accessTokenInfo, error) in
    if let error = error {
        print(error)
    }
    else {
        print("accessTokenInfo() success.")

        // Implement service logics
        _ = accessTokenInfo
    }
}

Logs out the user by revoking the tokens stored in the iOS SDK.

After logout, you cannot call Kakao APIs with the user's information.

Call logout().

Regardless of the result of the logout request, the iOS SDK deletes the access and refresh tokens and has the login session end.

UserApi.shared.logout {(error) in
    if let error = error {
        print(error)
    }
    else {
        print("logout() success.")
    }
}

Withdraws the user's consent and revokes the issued access and refresh tokens.

For more details, see Unlink.

Call unlink().

If the request is successful, the iOS SDK deletes the access and refresh tokens. As the issued Tokens are revoked, the session between an app and a user is disconnected, and the user is logged out and unlinked from your app.

UserApi.shared.unlink {(error) in
    if let error = error {
        print(error)
    }
    else {
        print("unlink() success.")
    }
}

Retrieves Kakao Account information of a user who is logged into Kakao.

Call me().

The user information in response to this request is passed to the User class. For example, you can access user.id to retrieve Service user ID, user.kakaoAccount.profile for Kakao Account's profile information, user.kakaoAccount.email for email.

Refer to REST API for detailed response information.

UserApi.shared.me() {(user, error) in
    if let error = error {
        print(error)
    }
    else {
        print("me() success.")

        // Implement service logics
        _ = user
    }
}

Saves values to the user properties that you defined for your service.

You can only save values to user properties that have been registered in Kakao Developers. For details, refer to How to use.

Call updateProfile(). You must pass the custom property keys and values that you want to upadate through properties in a key-value pair. For example, if you want to update a user's clothing size, set properties to ["clothing_size":"small"].

The response includes the service user ID.

UserApi.shared.updateProfile(properties: ["${CUSTOM_PROPERTY_KEY}":"${CUSTOM_PROPERTY_VALUE}"]) {(error) in
    if let error = error {
        print(error)
    }
    else {
        print("updateProfile() success.")
    }
}

Prompts the shipping address picker to allow users to select a shipping address and returns the selected shipping address ID.

Call selectShippingAddress().

This API returns an addressId for the selected shipping address. Request Retrieve shipping address with the addressId to get the detailed shipping address.

Refer to Error code for the error cause.

// Select shipping address
UserApi.shared.selectShippingAddress { (addressId, error) in
  if let error = error {
    print(error)
  } else {
    // Retrieve shipping address
    if let addressId = addressId {
      UserApi.shared.shippingAddresses(addressId: addressId) { (shippingAddress, error) in
        if let error = error {
          print(error)
        } else {
          print(shippingAddress)
        }
      }
    }
  }
}

Retrieves shipping addresses saved in the user's Kakao Account.

Call shippingAddresses() in UserApi.

Specify the address ID to the addressId parameter.

shippingAddresses() returns the UserShippingAddresses object.

If not using Select shipping address API, the response may not include the shipping address when the user did not consent to the [Shipping information]. Refer to No shipping address in the response.

Refer to Error code for the error cause.

UserApi.shared.shippingAddresses {(shippingAddress, error) in
    if let error = error {
        print(error)
    }
    else {
        print("shippingAddresses() success.")
        // Implement service logics
        _ = shippingAddress
}

Retrieves the detailed information of the scopes (consent items) that a user has agreed to.

You can check all scopes set in [Kakao Login] > [Consent Items] on the app management page and the details of the scopes. If a user has consented to the scope before, the scope is included in the response even though your app is currently not using the scope.

Call scopes().

If the request is successful, scopes() returns the ScopeInfo object.

Refer to REST API for detailed response information.

UserApi.shared.scopes() { (scopeInfo, error) in
    if let error = error {
        self?.errorHandler(error: error)
    }
    else {
        self?.success(scopeInfo)

        // Implement service logics
        _ = scopeInfo
    }
}

You can also retrieve the information of specific scopes by passing scope IDs. In this case, the response includes only the detailed information of the specified scopes if the request is successful.

UserApi.shared.scopes(scopes: ["account_email","gender"]) { (scopeInfo, error) in
    if let error = error {
        self?.errorHandler(error: error)
    }
    else {
        self?.success(scopeInfo)

        // Implement service logics
        _ = scopeInfo
    }
}

Revokes the consent for certain scopes that the user has previously agreed to.

Among the scope information retrieved by the Retrieve consent details API, only the scopes with the revocable value set to true can have their consent revoked.

If you request to revoke a scope that cannot be revoked, an error response is returned. Once a scope's consent has been revoked, the agreed value for that scope will be false in subsequent responses.

Call revokeScopes(). You must pass the list of scope ID through the scopes parameter when calling revokeScopes().

If the request is successful, scopes() returns the ScopeInfo object that includes the details of each scope and whether a user has agreed to the scope.

UserApi.shared.revokeScopes(scopes: ["account_email","gender"]) { (scopeInfo, error) in
    if let error = error {
        self?.errorHandler(error: error)
    }
    else {
        self?.success(scopeInfo)

        // Implement service logics
        _ = scopeInfo
    }
}

This section provides guidelines on how to use the service terms-related APIs.

Retrieves the service terms that a user has consented to.

Call serviceTerms().

serviceTerms() returns the UserServiceTerms object.

Refer to REST API for detailed response information.

UserApi.shared.serviceTerms() { (userServiceTerms, error) in
    if let error = error {
        self?.errorHandler(error: error)
    }
    else {
        self?.success(userServiceTerms)

        // Implement service logics
        _ = userServiceTerms
    }
}

Revokes a service terms that a specific user has agreed to.

You can revoke only service terms with the revocable (revocable) value of true in the response of the Retrieve consent details for service terms API. If the request succeeds, the response returns a list of service terms for which consent was revoked successfully. Service terms not agreed to by the user for which consent cannot be revoked are not included.

Call revokeServiceTerms(). Specify the tags of the service terms you want to revoke consent for in tags.

revokeServiceTerms() returns the UserRevokedServiceTerms object.

Refer to REST API for detailed response information.

UserApi.shared.revokeServiceTerms(tags: ["test_tag1","test_tag2"]) { (userRevokedServiceTerms, error) in
    if let error = error {
        self?.errorHandler(error: error)
    }
    else {
        self?.success(userRevokedServiceTerms)

        // Implement service logics
        _ = userRevokedServiceTerms
    }
}

Manually links the app and user for apps that do not use Auto-link.

The Manual signup API manually links a user with your app to complete signup when the Auto-link is disabled.

To figure out if the currently logged-in user needs to be linked with your app, check the value of hasSignedUp in the response of the Retrieving user information API and handle each case:

• true: The user is already linked with your app. You do not need to call the Manual signup API.
• false: The user is not linked with your app. You must call signup() to link the user with your app manually.
• nil: Your app is using the Auto-link feature. You do not need to call the Manual signup API.

If the return value of hasSignedUp is false and the user is ready to sign up, call signup() to complete the signup.

If the request is successful, the user's service ID is returned.

To check the request result, request the Retrieving user information API again and check the value of hasSignedUp because the user's linked status is not provided even when the request is successful.

UserApi.shared.signup { (userId, error) in
    if let error = error {
        print(error)
    }
    else {
        print("signup() success.")
    }
}

If you want to store the user's information when the user is linked to your app, pass properties.