Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

OneWelcome ReactNative SDK 1.0.0

User registration

search
printsuggest an edit

User registration

This topic guide explains the steps required to perform user registration.

The Onegini SDK uses the OAuth 2.0 protocol to authorize the device to access protected resources. To support this protocol the SDK acts as an OAuth 2.0 client.

copy link to clipboardPrerequisites

To initialize authentication the client credentials are required. These credentials are received via Dynamic Client Registration (DCR). As an app developer, there is no need to initialize DCR as it is part of the default implementations in the SDK.

As a timestamp is used within the DCR protocol it is mandatory that the time on the device is equal to the time on the Token Server, independent of time zones. In case of a wrong time the SDK will return an error.

copy link to clipboardStart registration

The user registration starts with enrolling a user on a device using a selected Identity Provider (IdP). The list of all possible IdPs for an app is configured in the Token Server admin panel. The TS also configures a default (primary) IdP that is used for backward compatibility.

To start the user registration you have to call the registerUser method. This method will return an url which has to be opened in a browser where the registration can be continued. Which browser or webview to open for this is up to the developer. 

interface OnewelcomeSdk {
  registerUser(
    identityProviderId: string | null,
    scopes: String[],
  ): Promise<Types.Profile>;
  __ ...
}
OneWelcomeSdk.registerUser(providerId, ['read'])
    .then(authData => {
        console.log('Registration success! ')
    })
    .catch(err => {
        console.error('Registration failed: ', err)
    })

If registration in the browser is successful, the browser will return a link has to be caught by ReactNative and passed to the SDK (e.g. with React Native Linking).

Resolve will be called when the whole flow is successfully finished and the pin creation is handled successfully. This flow can differ depending on the IDP that you have chosen.

There are two distinct flows that can be done to register on a device which are explained on their respective pages.

  1. Browser based registration
  2. Custom registration

copy link to clipboardCreate Pin

After completing the flow for browser based or custom registration you will have to register a pin in order to complete the registration. This is communicated by the SDK to React Native through events. The app will have to listen to these Events and respond to them accordingly.

The following snippet shows how you can listen for the Pin Events

const handleCreateNotification = useCallback(
  async (event: Events.PinCreateEvent) => {
    console.log('handle PIN notification event: ', event);
    switch (event.action) {
      case Events.PinCreate.Open:
        await handleCreateOpen(event);
        break;
      case Events.PinCreate.Close:
        setInitialState();
        break;
      case Events.PinCreate.PinNotAllowed:
        handlePinNotAllowed(event);
        break;
    }
  },
  [handleCreateOpen, setInitialState, handlePinNotAllowed],
);

useEffect(() => {
  const createListener = OnewelcomeSdk.addEventListener(
    Events.SdkNotification.PinCreate,
    handleCreateNotification,
  );

  return () => {
    createListener.remove();
  };
}, [handleCreateNotification]);

After receivingEvents.PinCreate.Open the SDK expects the app to supply a pin. You can provide this pin with the submitPin method.

interface OnewelcomeSdk {
  submitPin(
    flow: Events.PinFlow,
    pin: string | null,
  ): void;
  __ ...
}

OnewelcomeSdk.submitPin(Events.PinFlow.Create, '12345');

If everything went properly registerUser will resolve with AuthData object containing profile ID and optional custom info string.

copy link to clipboardChoosing an identity provider

To select an identity provider which will be used during the registration process you need to pass its id in the identityProviderId parameter. To choose an identity provider, first you need to get all available providers. Call the method getIdentityProviders to get a list with available providers id. If this parameter isn’t specified or if its value is null the default identity provider set on the Token Server will be used.

copy link to clipboardCancel Registration

In some situations you want to cancel the registration flow, restart it, or start a different one. You can cancel browser registration and custom registration by their corresponding cancel methods, cancelBrowserRegistration and cancelCustomRegistration.

Canceling Registration is only possible through these methods when pin Creation has not yet started. When it has, use the cancelPinCreation method instead.

On this page