Authentication Orchestration
🎯 Overview
Authentication Orchestration is the core process that manages user authentication flows in the REL-ID Web Portal. The system selects the authentication path based on the browser's recognition status, then orchestrates the multi-factor authentication process so that the user is verified before access is granted.
🏗️ Core Concepts
🌐 Browser Recognition System
- Unrecognized Browser: Browser that hasn't been marked as "remembered" by the user
- Recognized Browser: Browser previously trusted through "Remember Me" option
- Recognition Trigger: User selecting "Remember Me" during authentication
- Duration: Browser remembered for configured period (default: 1 year)
🔒 Authentication Orchestration Logic
- Factor Determination: System analyzes user profile to determine available factors
- User Type Detection: Identifies REL-ID mobile users vs. web-only users
- Flow Selection: Chooses appropriate authentication path based on user and browser status
- MFA Enforcement: Ensures multi-factor authentication completion before granting access
📊 Authentication Flow Types
| Flow Type | Browser Status | User Experience | Authentication Steps |
|---|---|---|---|
| Unrecognized | New/Unknown | Full username entry + MFA | Username → Factors → Completion |
| Recognized | Previously trusted | Account chooser + MFA | Account Selection → Factors → Completion |
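
The sketch below is an added example, not REL-ID's own code: it models the two flows in the table to show that browser recognition only changes the first step, while the factor step is still enforced before access is granted. The HMAC-signed token format, `SERVER_KEY`, and all function and class names are assumptions made for illustration.

```python
import hashlib, hmac, time

REMEMBER_SECONDS = 365 * 24 * 3600    # default from the page: 1 year
SERVER_KEY = b"constructed-demo-key"  # constructed value; a real key is a managed secret

def _mac(body):
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_remember_token(user, now=None):
    """Hypothetical 'Remember Me' marker: user|expiry|HMAC(user|expiry)."""
    expiry = int((now or time.time()) + REMEMBER_SECONDS)
    body = f"{user}|{expiry}"
    return f"{body}|{_mac(body)}"

def recognized_user(token, now=None):
    """Return the remembered user, or None if missing, malformed, forged or expired."""
    try:
        user, expiry, mac = token.split("|")
        good = _mac(f"{user}|{int(expiry)}").encode()
        valid = hmac.compare_digest(mac.encode(), good)  # constant-time compare
        fresh = int(expiry) >= (now or time.time())
    except (AttributeError, ValueError):
        return None
    return user if valid and fresh else None

class AuthSession:
    """Tracks the ordered steps of one login attempt."""
    def __init__(self, token=None, now=None):
        self.remembered = recognized_user(token, now)
        self.flow = "Recognized" if self.remembered else "Unrecognized"
        first = "account_selection" if self.remembered else "username"
        self.pending = [first, "factors"]  # recognition never removes "factors"
        self.user = None

    def complete(self, step, user=None):
        # Steps must finish in order; skipping ahead to or past MFA is rejected.
        if not self.pending or step != self.pending[0]:
            raise PermissionError(f"step {step!r} out of order")
        if step != "factors":
            self.user = user
        self.pending.pop(0)

    def access_granted(self):
        return self.user is not None and not self.pending
```
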