Authentication Orchestration
Overview
Authentication Orchestration is the core process that manages user authentication flows in the Ditto ID Web Portal. The system intelligently determines the authentication path based on browser recognition status and orchestrates the multi-factor authentication process to ensure secure user verification.
Core Concepts
Browser Recognition System
- Unrecognized Browser: Browser that hasn't been marked as "remembered" by the user
- Recognized Browser: Browser previously trusted through "Remember Me" option
- Recognition Trigger: User selecting "Remember Me" during authentication
- Duration: Browser remembered for configured period (default: 1 year)
Authentication Orchestration Logic
- Factor Determination: System analyzes user profile to determine available factors
- User Type Detection: Identifies Ditto ID mobile users vs. web-only users
- Flow Selection: Chooses appropriate authentication path based on user and browser status
- MFA Enforcement: Ensures multi-factor authentication completion before granting access
Authentication Flow Types
| Flow Type | Browser Status | User Experience | Authentication Steps |
|---|---|---|---|
| Unrecognized | New/Unknown | Full username entry + MFA | Username → Factors → Completion |
| Recognized | Previously trusted | Account chooser + MFA | Account Selection → Factors → Completion |
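
The flow selection and MFA gate from the table above, as an added sketch that is not Ditto ID's own code. All function and class names, the factor labels used by callers, the two-factor minimum, and the rejection of future-dated "Remember Me" marks are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

REMEMBER_FOR = timedelta(days=365)  # page default: browser remembered for 1 year
MIN_FACTORS = 2                     # assumption: "multi-factor" means at least two factors


@dataclass
class Session:
    flow: str
    steps: list
    required: frozenset
    completed: set = field(default_factory=set)


def browser_recognized(remembered_at, now):
    """Recognized only while the "Remember Me" mark exists and is unexpired.

    A mark dated in the future (clock skew or a tampered value) is treated
    as unrecognized rather than trusted.
    """
    if remembered_at is None:
        return False
    return timedelta(0) <= now - remembered_at < REMEMBER_FOR


def start_flow(factors, remembered_at, now):
    """Choose the flow from browser status; `factors` come from the user profile."""
    required = frozenset(factors)
    if len(required) < MIN_FACTORS:
        raise ValueError("profile cannot satisfy MFA")
    if browser_recognized(remembered_at, now):
        return Session("Recognized", ["Account Selection", "Factors", "Completion"], required)
    return Session("Unrecognized", ["Username", "Factors", "Completion"], required)


def complete_factor(session, factor):
    """Record a verified factor; reject factors that are not part of this flow."""
    if factor not in session.required:
        raise ValueError(f"factor not part of this flow: {factor}")
    session.completed.add(factor)


def access_granted(session):
    """MFA enforcement: browser recognition never substitutes for a factor."""
    return session.completed >= session.required
```

Recognition only changes the first step (account chooser instead of username entry); `access_granted` stays false in both flows until every required factor is complete.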
Updated 4 months ago
