This case is where a registered user with their usual device logs in to customer application. In this case, both the user and their device are known to Haventec Silent MFA. Therefore, Haventec Authenticate login API is successfully called right away.
As Silent MFA SDK found credentials in the user’s device, it automatically logs in using these credentials. This case is where the seamlessness shines. Even if the user logs in to customer application a thousand times a day, there will be no added activity on the user’s part while they are enjoying the additional security of the added factor in the authentication process which is Haventec Silent MFA.
The above flow goes as follows.
-
The end user logs in as usual to the customer frontend.
-
The customer front end calls the SDK login service with a username and password.
-
The SDK FrontEnd retrieves Haventec authKey, userId and token from the user’s local storage. (This scenario is the ideal case where the credentials are already saved in local storage).
-
The SDK FrontEnd calls POST /login of customer Backend with relevant login details.
-
Then the customer BackEnd executes POST /authentication/login Login MFA Device with the appropriate applicationId, apiKey, authKey and deviceId.
-
The login was successful and a new set of authKey and token is returned.
-
The customer BackEnd sends the new authKey and token back to the SDK.
-
The SDK saves the fresh credentials in the user’s local storage.
-
The success is returned.
-
The login is successful with the new authKey and token ready to be used for the next login.
Comments
0 comments
Please sign in to leave a comment.