Creating a session on login
This document demonstrates how to enable a session after a user has logged in to the application without submitting a password or username.
How does it work?
This application allows users to log in using biometrics and does not support username and password authentication. This document assumes that the registration flow allows registration using Mobile Identity. For more information about supporting OMI registration, see adding user registration using a QR.
The process for using biometrics to log in and create a session instance can be seen below.
- User opens your application with OMI.
- Users logs in using facial recognition or a fingerprint.
- User has access to application information.
What parts of the API do you require?
To add push notifications to your flow you require the following API endpoints:
auth/omi/v1/session
Example implementation
The following is an example of adding a session on login to an access flow.
- User opens the application and signs into the app using method that does not require a password.
- A session is created in the application.
- The application session, along with data such as a clientId, clientSecret, and application authorizations or scopes are exchanged for a single sign-on token, an access token, and an ID token.