How to set up username and password authentication with the AirWatch iOS SDK

The AirWatch SDK provides helper classes to authenticate credentials against AirWatch. An application can limit its access to users by integrating user authentication. Users need to be authenticated against the AirWatch Console, whether it is for a basic enrollment user or an Active Directory account, allowing your application to follow the same corporate security policies that are enforced with your other applications and systems. 

One type of authentication possible through the SDK is to use username and password credentials. 


Authentication Type




Designates a local passcode requirement for AirWatch applications or wrapped applications that have the default settings profile applied to them. Device users set their passcode on the device at the application level when they first access the application.

Username and Password

Requires a user to authenticate to AirWatch using the AirWatch credentials. Set these credentials when you add users in the Accounts area of the AirWatch Admin Console.


Requires no authentication to access the application.

Note: Authentication Type and SSO can work together or alone. If you enable an Authentication Type (passcode or username/password) without SSO, then users must enter a separate passcode or credentials for each individual application. If you enable both Authentication Type and SSO, then users enter either their passcode or credentials (whichever you configure as the Authentication Type) once and do not have to re-enter them until the SSO session terminates. 


Simple Implementation in Xcode

Note: In order to get credentials, devices must enroll using the AirWatch Agent or AirWatch Container; otherwise, the properties are nil.

In order to simply get the user’s credentials, see the following template code:


Now you have the user's username, password and GroupID stored in the variables, respectively. 


Implement Authentication Wall in Xcode

In the following example, you would like to limit access to your application to AirWatch users. To do so, set up a Login View such as the one below to allow users to enter in their credentials and access the application. This forces users to login using this view before removing the authentication wall. 



The following demonstrates how to create the method that will be listening for the "Login" button press shown in the previous image:



Note: You will need to include the AWEnrollmentAccount and AWEnrollmentAccountAuthenticator header files in order to implement the method above:



Example Implementation

Below you will see a sample implementation of the above code, that also uses a GeneralUtil class (also shown below) in order to display a UIAlertView:



The following is the GeneralUtil.m class:



The corresponding header file is as follows:



Authentication SDK Payload – Username and Password

If you would like AirWatch to take care of the authentication wall into your app, you can also choose to apply an SDK Profile with solely the Username and Password authentication method selected. This will force users to authenticate into a screen such as the one following, before gaining access to your application.



 Finishing Up

You should now be able to implement the functionality of authenticating an AirWatch user through your login screen, or, at very the least, gather the user’s authentication credentials as they were used to enroll the device using the anchor app (i.e. the AirWatch Agent or Container).

Have more questions? Submit a request


Article is closed for comments.