iOS Native Setup


There are two steps required to fully implement the Arkose Labs Detection and Prevention Platform (Arkose Labs Platform):

  1. Client-side implementation that allows the Arkose Labs Platform to collect data necessary to classify the traffic from the client, display an Enforcement Challenge (EC) if necessary, and provide a one-time use token.

  2. Server-side implementation that takes the token provided by the client-side and verifies it with the Arkose Labs verify API. The result is a response that contains information about the session, either in a simple format or as a JSON.

This guide includes client-side set up information for iOS. The EC is implemented into your iOS app using frameworks that are already part of the Swift programming language.


API Request Authentication

Arkose Labs authenticates your API requests using a private/public key pair that can be retrieved from the Site Settings page of the Arkose Labs Client Dashboard. If you do not have access to the dashboard or do not have your private and public keys, contact your Sales Rep or Sales Engineer.

The private key is needed to authenticate when using the verify API. This private key must not be published on a client facing website, and must only be used on your server-side implementation on the Arkose Labs verify API.


Client-side Setup for iOS

Xcode Environment Setup

  1. For this example, you will need to create a directory within your application called Web_Assets. The code in this example is looking for an HTML document called index.html in that directory.


  2. The index.html document must contain the client side EC code which enables the EC to render properly within the WebView.
    The following code is an example of what index.html must contain to invoke a basic EC. In this example, replace "YOUR_PUBLIC_KEY_GOES_HERE" with the Public Key provided by Arkose Labs.

        <script src="" async defer></script>
        <script type="text/javascript">
            function loadChallenge() {
                new ArkoseEnforcement({
                               public_key: "YOUR_PUBLIC_KEY_GOES_HERE",
                               target_html: "CAPTCHA",
                               callback: function() {
        <form method="post" target="_self">
            <p><label for="name">Name</label><input type="text" name="name"></p>
                <div id="CAPTCHA"></div>
                <input name="Submit" type="submit" value="Submit">

Invoking the EC through a ViewController

  1. The following Swift syntax is needed to invoke the EC via the WebView within the app:

import UIKit
import WebKit

// Wrap the WKWebView webview to allow IB use

class MyWebView : WKWebView {
    required init?(coder: NSCoder) {
        let configuration = WKWebViewConfiguration()
        let controller = WKUserContentController()
        configuration.userContentController = controller;
        super.init(frame:, configuration: configuration)

class ViewController: UIViewController {
    @IBOutlet weak var webView: MyWebView!
    override func viewDidLoad() {
        // Choose to load a file or a string
        let loadFile = false
        if let filePath = Bundle.main.path(forResource:"index", ofType:"html", inDirectory: "Web_Assets") {
            if (loadFile) {
                // load file
                let filePathURL = URL.init(fileURLWithPath: filePath)
                let fileDirectoryURL = filePathURL.deletingLastPathComponent()
                webView.loadFileURL(filePathURL, allowingReadAccessTo: fileDirectoryURL)
            } else {
                do {
                    // load html string - baseURL needs to be set for local files to load correctly
                    let html = try String(contentsOfFile: filePath, encoding: .utf8)
                    webView.loadHTMLString(html, baseURL: Bundle.main.resourceURL?.appendingPathComponent("Web_Assets"))
                 } catch {
                     print("Error loading html")

Once the challenge is invoked, you need to collect the Session Token and pass it to your server with the flow data for validation. An example of how to do this in Swift would look like the code below:

let sessionToken = WebView.stringByEvaluatingJavaScriptFromString("document.getElementById('FunCaptcha-Token').value")

Server-Side Instructions

When you have successfully set up the client-side you must go on to the server-side instructions.

Was this article helpful?
0 out of 0 found this helpful