Create a session on login
In this scenario, you are developing a mobile application and after the user logs in with biometrics, they can call the OneWelcome Identity Platform APIs for performing different operations, without the need to provide a password or username.
How does it work?
For this scenario, let's assume that you are building a mobile application to allow users to view their insurance policy, and you want them to log in in the app without any username and password, just using biometrics, such as fingerprint or face recognition. When logged in to the app, the user is able to see details about their insurance policy.
To achieve such a flow, the user has to have an already existing OMI device. For details about how to enrol a new user, see mobile identity registration.
A step by step flow would look like this:
- User opens your application with OMI embedded.
- Users logs in using facial recognition or a fingerprint.
- User sees information about their insurance policy.
What parts of the API do you need?
For the user to see information about their insurance policy, an access token with proper scopes is needed so that the APIs that returns such information can be called.
For issuing an access token, the following API has to be called:
auth/omi/v1/session
Example implementation
A step by step flow for creating a session in OneWelcome once you are logged in into your native web application, would look like this:
- User opens the application and signs into the app using method that does not require a password, such as fingerprint.
- A session is created in the application.
- The application session, along with data such as a client ID, client secret, and application authorizations (scopes) are exchanged for a single sign-on token, an access token, and an ID token.