REL-ID for MobileREL-ID APIsREL-ID for Web
Guides
Start typing to search…

LDA to Password

🔄 Toggling from LDA to Password (Authentication Mode Management)

This flow describes how an app allows a user to disable Local Device Authentication (LDA) and switch to Password-based authentication using the REL-ID SDK. This is commonly offered as a user setting post-login to manage their preferred login mode.

🧩 Precondition

  • The user is already logged in using LDA.
  • The app supports toggling login methods through a user settings or profile page.

🧭 Workflow Overview

flowchart TD
    onUserLoggedIn --> getDeviceAuthenticationDetails[App calls 
 getDeviceAuthenticationDetails]
    getDeviceAuthenticationDetails -- LDA enabled for device --> ldaToggleScreen[App shows LDA toggle screen]
    ldaToggleScreen -- toggle from LDA to Password --> manageDeviceAuthenticationModes[App calls manageDeviceAuthenticationModes, isEnabled:false]
    manageDeviceAuthenticationModes --> ldaPrompt[SDK shows LDA Prompt]
    ldaPrompt --> provideLDA[User provides LDA]
    provideLDA --> passAvailCheck{User Password available in system?}
    passAvailCheck -- Yes --> getPassword[SDK triggers getPassword]
    getPassword --> setPassword[App calls setPassword, challengeMode : RDNA_MANAGE_LDA_RECONFIRM_VERIFY_PASS/15] 
    setPassword --> onDeviceAuthManagementStatus[SDK triggers onDeviceAuthManagementStatus with success]
    onDeviceAuthManagementStatus --> backToldaToggleScreen[Back to LDA toggle screen]
    passAvailCheck -- No --> getPasswordFirstTime[SDK triggers getPassword, user setting password for first time]
    getPasswordFirstTime --> setPasswordFirstTime[App calls setPassword, challengeMode : RDNA_MANAGE_LDA_SET_PASS/14]
    setPasswordFirstTime --> getPasswordToVerify[SDK triggers getPassword, challengeMode : RDNA_MANAGE_LDA_RECONFIRM_VERIFY_PASS/15]
    getPasswordToVerify --> setPasswordToVerify[SDK triggers setPassword, challengeMode : RDNA_MANAGE_LDA_RECONFIRM_VERIFY_PASS/15]
    setPasswordToVerify --> onDeviceAuthManagementStatus
    
style getPassword fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onDeviceAuthManagementStatus fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPasswordFirstTime fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPasswordToVerify fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style setPassword fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style getDeviceAuthenticationDetails fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style manageDeviceAuthenticationModes fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setPasswordFirstTime fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setPasswordToVerify fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px

🟩 Green - Callbacks issued by REL-ID SDK
🟧 Orange - APIs invoked by the Client App

📝 Step-by-Step Explanation

  1. Post Login: Once the user is authenticated (e.g., via LDA), the app invokes getDeviceAuthenticationDetails() to fetch LDA enablement status for the device.

  2. App UI: If LDA is enabled, the app shows a toggle screen allowing the user to disable LDA.

  3. Toggling Action: If the user chooses to disable LDA:

    • The app calls manageDeviceAuthenticationModes(isEnabled: false).

  4. Reconfirmation Prompt:

    • The SDK displays the LDA biometric prompt.
    • The user must re-authenticate using LDA to confirm intent.

  5. Password Handling:

    • The SDK checks if a password already exists for the user.
    • If yes:
      • SDK emits getPassword with challengeMode: RDNA_MANAGE_LDA_RECONFIRM_VERIFY_PASS (15)
      • The app collects the password and calls setPassword().
    • If no:
      • SDK emits getPassword to set a new password → challengeMode RDNA_MANAGE_LDA_SET_PASS (14)
      • App submits new password by calling setPassword → challengeMode RDNA_MANAGE_LDA_SET_PASS (14)
      • The SDK again emits getPassword for confirmation → challengeMode RDNA_MANAGE_LDA_RECONFIRM_VERIFY_PASS (15)
      • The app collects and confirms the password again via setPassword() → challengeMode RDNA_MANAGE_LDA_RECONFIRM_VERIFY_PASS (15).

  6. Result Notification:

    • Upon success, SDK emits onDeviceAuthManagementStatus.
    • The app may navigate back to the toggle screen with updated status.
    • User can now use password to login instead of LDA

Updated 6 months ago