REL-ID for MobileREL-ID APIsREL-ID for Web
GuidesRecipesChangelog
REL-ID for MobileREL-ID APIsREL-ID for Web
Guides

Login

šŸ” Ditto ID Login Process (Activated User ā€“ Same Device)

This document outlines the normal login flow in the Ditto ID SDK for an activated user on the same device, using either password or Local Device Authentication (LDA), with key SDK events integrated.

āœ… Prerequisites

Before initiating the login flow, the following conditions must be met:

  • The user must already be activated on the current device.
  • The app must have already called the SDK's initialization routine.
  • A valid Ditto ID connection profile must be available (e.g., Agent_info.txt).
  • The SDK should not be in a reset, terminated, or uninitialized state.
  • Device must not be blocked or exceed authentication retry limits.

šŸ§­ Login Workflow with SDK Events

flowchart TD
    A[Start: User opens App] --> initialise[App initialization]
    initialise --> getUser[SDK triggers getUser]
    getUser --> setUser[App calls setUser]
    setUser --> auth1{Is both password and LDA present for the user?}

    auth1 -- Yes --> authChoice{Allow user Authentication Choice?}
    authChoice -- Yes --> onAuthenticationOptionsAvailable[SDK triggers onAuthenticationOptionsAvailable]
    onAuthenticationOptionsAvailable --> authenticateUsing[App calls authenticateUsing]
    authenticateUsing -- LDA --> lda1[SDK shows LDA prompt]
    lda1 --> lda2[User provides LDA]
    onUserLoggedIn[SDK triggers onUserLoggedIn]
    authenticateUsing -- Password --> password[SDK triggers getPassword]
    password --> passwordScreen[App shows password screen, calls setPassword]

    
   
    selfieBiometricTemplateChallengePresent{SelfieBiometricTemplate Challenge?}
    getIDVSelfieProcessStartConfirmation[SDK triggers getIDVSelfieProcessStartConfirmation]
    setIDVSelfieProcessStartConfirmation[App calls setIDVSelfieProcessStartConfirmation]
    initiateSelfieCapture[SDK initiates selfie capture]

    
    passwordScreen --> selfieBiometricTemplateChallengePresent
    lda2 --> selfieBiometricTemplateChallengePresent
    selfieBiometricTemplateChallengePresent -- No --> onUserLoggedIn
    selfieBiometricTemplateChallengePresent -- Yes --> getIDVSelfieProcessStartConfirmation
    getIDVSelfieProcessStartConfirmation --> setIDVSelfieProcessStartConfirmation
    setIDVSelfieProcessStartConfirmation --> initiateSelfieCapture
    initiateSelfieCapture --> onUserLoggedIn
    onUserLoggedIn --> loginEnd[End login flow]
    auth1 -- No --> isLDAAvailable{Is LDA available}
    isLDAAvailable -- Yes --> lda1
    isLDAAvailable -- No --> password
    authChoice -- No -->  isLDAAvailable
    
    style getUser fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style onAuthenticationOptionsAvailable fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style onUserLoggedIn fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style password fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style selfieBiometricTemplateChallengePresent fill:#d4fdd4,stroke:#228b22,stroke-width:2px
   

    style initialise fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style setUser fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style authenticateUsing fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style passwordScreen fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style getIDVSelfieProcessStartConfirmation fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px

šŸŸ© Green - Callbacks issued by Ditto ID SDK
šŸŸ§ Orange - APIs invoked by the Client App

šŸ“ Explanation of Login Workflow

  1. User Opens the App
    The app launches and internally prepares to perform user login.

  2. App Initialization
    The SDK is initialized using the initialize() call, setting up secure communication and environment.

  3. SDK TriggersgetUser
    This event is invoked by the SDK node module to instruct the API client that the Ditto ID SDK needs the username as a response to proceed further. The application can either auto-submit the username or display a screen for the user to input it.

  4. App CallssetUser
    The app submits the user ID to the SDK using the setUser() method. This prepares the SDK to proceed with determining available authentication options and executing the login flow.

  5. Determine Auth Options
    The SDK checks if the user has both password and LDA configured.

  6. Case: Both Password and LDA Present

    • If user policies allow, the SDK emits onAuthenticationOptionsAvailable, letting the app present a UI for the user to choose.
    • Based on the choice:
      • For LDA: The SDK shows the biometric prompt, and upon success, emits onUserLoggedIn.
      • For Password: The SDK triggers getPassword. The app shows a password input screen and calls setPassword(). On success, SDK emits onUserLoggedIn.

  7. Case: Only One Auth Method Present

    • If only LDA is available: SDK shows LDA prompt.
    • If only Password is available: SDK triggers password input flow.

  8. Authentication Completion
    Once the correct credentials are verified, the SDK emits onUserLoggedIn to confirm successful login.

Updated 4 months ago