For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.

Set up MobileFirst security for the iPhone app and the watchOS 2 app

We can set up MobileFirst security for our iPhone app and watchOS 2 app by registering each as a separate target on the IBM MobileFirstâ„¢ Platform Server.

Before you begin

For this example, we must have already created:



The Apple Watch and iPhone devices differs physically. Therefore the security checks for each must be appropriate for the available input devices. For example, the Apple Watch is limited to a number pad and does not allow the usual username/password security check. Therefore access to protected resources on the server could be enabled using a pin code. Because of these and similar differences, it is necessary to apply different security checks for each target.

Below is one example of creating an app with both an iPhone and an Apple Watch target. This architecture allows each to have its own security check. The differing security checks are just examples of how we can design features for each target. Additional security checks might be available.


  1. Determine the scope and security checks defined by the protected resource. See Security-checks configuration.
  2. In the IBM MobileFirst Platform Operations Console:
    1. Ensure that both apps are registered on the server:

      • com.worklight.[project_name]
      • com.worklight.[project_name].watchkitextension
    2. Map the scopeName to the defined security checks:

      • For com.worklight.[project_name] map it to the username/password check.
      • For com.worklight.[project_name].watchkitapp.watchkitextension map it to the pin code security check.


The Xcode project now contains a main app and a watchOS 2 app, each with its own security check. For more results see the watchOS Tutorial.

Parent topic: Developing for watchOS 2