This is the part where a user has to click a magic link in the email from the customer backend after the successful registration of a new user or a new device. This magic link needs to be constructed from the activation token sent by Haventec Silent MFA in response to the user/device registration. This activity is carried out only once for each new user or a new device.
There is an option for the customer system to carry out this activity automatically without the end user getting involved; however, it is recommended that this component is added with the end user clicking the magic link.
The above flow goes as follows
-
When the end user clicks the magic link in the email they received when they register, a call to the customer BackEnd GET /magic-link API is made with a valid activation token generated by Haventec Authenticate.
-
Then the customer BackEnd looks up sessionId in the data store.
-
Then it calls the Haventec Authenticate PATCH /mfa/verify Verify MFA User or Device Depending on the session passed, the user [OR] device is verified.
-
Return success.
-
Verification ends in success.
Comments
0 comments
Please sign in to leave a comment.