User authentication
Introduction
The Flutter Plugin allows for user authentication with either a registered authenticator or with a pin. Both cases are based on the same method, however a different value for registeredAuthenticatorId
is required.
Getting Registered Users and Authenticators
A device can have multiple registered users which can authenticate using the available authenticators. To obtain a list of available user profiles you can use the method getUserProfiles. By passing one of the profile id's you can authenticate a specific user.
You can authenticate with pin or with biometrics. To check if a biometric authenticator is registered for a specific user, use the getBiometricAuthenticator method. Similarly you can get the preferredAuthenticator with getPreferredAuthenticator.
Authenticate User
Once a user has been registered, it can be logged in using the authenticateUser or authenticateUserImplicitly method in the case of implicit authentication. The authenticateUser method takes a OWAuthenticatorType and uses it to authenticate the user. The authenticatorType param can also be null
in which case the preferred authenticator (default PIN) will be used. If biometric is passed in while the authenticator is not registered it will use pin.
The result of successful authentication is a OWRegistrationResponse.
Authenticate using Pin Flow
In case the user needs to authenticate using a pin as result of the selected authenticatorId or the default authenticator, the pin authentication flow will be started. This flow uses the following events for which the potential event attributes are described in Event Overview:
Event | Description |
---|---|
OpenPinAuthenticationEvent | Sent when the SDK is ready to receive a pin for authentication. |
ClosePinAuthenticationEvent | Sent by the SDK when it has finished pin authentication. |
NextPinAuthenticationAttemptEvent | Sent by the SDK when it has received an incorrect pin. |
This flow contains the following steps:
- The user starts a pin authentication flow by calling
authenticateUser
- The SDK broadcasts the
OpenPinAuthenticationEvent
event to indicate that the pin authentication flow has started -
The user needs to respond to the SDK using the user's supplied pin by calling the pin's acceptAuthenticationRequest function
- If the given pin was incorrect a new event,
NextAuthenticationAttemptEvent
, will be broadcasted
- If the given pin was incorrect a new event,
-
If the pin was correct, the
ClosePinAuthenticationEvent
event will be broadcasted and the originalauthenticateUser
function will resolve with an OWRegistrationResponse object