Disruptive Documentation

Class OAuth2Authenticator

public class OAuth2Authenticator: Authenticator  

An Authenticator that logs in a service account using OAuth2 with a JWT Bearer Token as an authorization grant. This is a more secure flow than the basic auth counter-part, and is the recommended way to authenticate a service account in a production environment.

An OAuth2Authenticator is authenticated by default, so there is no need to call login(). However if you'd like the authenticator to no longer be authenticated, you can call logout(), and then login() if you want it to be authenticated again.

See Authenticator for more details about the properties and methods.

See the Developer Website for details about OAuth2 authentication using a Service Account.


let credentials = ServiceAccountCredentials(email: "<EMAIL>", keyID: "<KEY_ID>", secret: "<SECRET>")
let authenticator = OAuth2Authenticator(credentials: credentials)
let disruptive = Disruptive(authenticator: authenticator)
%83 OAuth2Authenticator OAuth2Authenticator Authenticator Authenticator OAuth2Authenticator->Authenticator

Conforms To


Defines the interface required to authenticate the Disruptive struct.



public init(credentials: ServiceAccountCredentials, authURL: String = Disruptive.defaultAuthURL)  

Initializes an OAuth2Authenticator using a set of ServiceAccountCredentials.


credentials Service​Account​Credentials

The ServiceAccountCredentials to use for authentication. It can be created in DT Studio by clicking the Service Account tab under API Integrations in the side menu.

auth​URL String

Optional parameter. Used to specify the endpoint to exchange a JWT for an access token. The default value is Disruptive.defaultAuthURL.



public let credentials : ServiceAccountCredentials

The service account used to authenticate against the Disruptive Technologies' REST API.


public let authURL: String

The authentication endpoint to fetch the access token from.


private(set) public var auth: Auth? 

The authentication details.


private(set) public var shouldAutoRefreshAccessToken = true

An OAuth2Authenticator will default to automatically get a fresh access token. This will be switched on and off when login() and logout() is called respectively.



public func login(completion: @escaping AuthHandler)  

Refreshes the access token, stores it in the auth property, and sets shouldAutoRefreshAccessToken to true.


public func logout(completion: @escaping (Result<Void, DisruptiveError>) -> ())  

Logs out the auth provider by setting auth to nil and shouldAutoRefreshAccessToken to false. Call login() to log the auth provider back in again.


public func refreshAccessToken(completion: @escaping (Result<Void, DisruptiveError>) -> ())  

Used internally to create a JWT from the service account passed in to the initializer, which is then exchanged with an access token from the authentication endpoint. This access token is stored in the auth property along with the received expiration date.

This flow is described in more detail on the Developer Website.