REL-ID-IDV Workflow
%%{init: {
"flowchart": {"htmlLabels": false}
}}%%
flowchart TD
RelIdSdkInitialize[App invokes REL-ID SDK initialize]
RelIdSdkInitialize --> onInitializeError["check errors in onInitializeError()"]
RelIdSdkInitialize --> onInitializeProgress["SDK provides initialize progress in onInitializeProgress() callback"]
RelIdSdkInitialize --> MTD{Is MTD enabled?}
MTD -->|YES| onUserConsentThreats[onUserConsentThreats]
MTD -->|NO| onInitialized[onInitialized]
MTD -->|YES| onTerminateWithThreats[onTerminateWithThreats]
onUserConsentThreats --> takeActionOnThreats[takeActionOnThreats] --> shouldProceedWithThreats[shouldProceedWithThreats]
onTerminateWithThreats --> RELIDSDKGetsTerminated[RELID SDK gets Terminated]
shouldProceedWithThreats -->|TRUE| onInitialized[onInitialized]
shouldProceedWithThreats -->|FALSE| RELIDSDKGetsTerminated[RELID SDK gets Terminated]
onInitialized --> getUser[getUser] --> setUser[setUser]
getUser --> resetAuthState[resetAuthState] --> Info>"The purpose of this method is to reset the authentication flow. If any error occurs in between when a user is trying to authenticate itself with the server, reset challenge needs to be called to acknowledge the server that the user is re-starting the authentication flow. Note: This API is used in the Pre-Login workflow."]
setUser --> ActivationWorkflow[Activation Workflow]
setUser --> LoginWorkflow[Login WorkFlow]
setUser --> AdditionalDeviceActivation[Additional Device Activation]
setUser --> AccRecovery[Account Recovery or Lost Device Activation]
ActivationWorkflow --> getActivationCode["getActivationCode(Verification Key)"]
getActivationCode --> ActCodeInfo>"Activation code received\nvia email/sms"]
ActCodeInfo --> setActivationCode["setActivationCode([activationCode])"]
setActivationCode --> relIdIdvWorkflow["(REL-ID IDV WORKFLOW)"]
relIdIdvWorkflow --> getUserConsentForLDA["getUserConsentForLDA(Response)"]
getUserConsentForLDA --> ResponseDetails>"Response contains: userId, challengeMode, rdnaLDACapabilities, authType, and RDNAError"]
ResponseDetails --> setUserConsentForLDA{"setUserConsentForLDA([True/False], [challengeMode], [authType])"}
setUserConsentForLDA -->|TRUE| LDAPrompt[LDA Prompt] --> ProvideLDA[Provide LDA]
setUserConsentForLDA -->|FALSE| getPassword["getPassword()"] --> setPassword["setPassword([password])"]
ProvideLDA --> onUserLoggedIn["onUserLoggedIn(Response)"]
setPassword --> onUserLoggedIn["onUserLoggedIn(Response)"]
LoginWorkflow --> LDAPromptLogin[LDA Prompt] --> ProvideLDALogin[Provide LDA]
LoginWorkflow --> getPasswordLogin["getPassword()"] --> setPasswordLogin["setPassword([password])"]
ProvideLDALogin --> relIdIdvWorkflowLogin["(REL-ID IDV WORKFLOW)"]
setPasswordLogin --> relIdIdvWorkflowLogin["(REL-ID IDV WORKFLOW)"]
relIdIdvWorkflowLogin --> idvSelfieBiometricTemplate{RELID-IDV-SelfieBiometricTemplate challenge}
idvSelfieBiometricTemplate -->|TRUE| NormalLoginWithTemplate[Normal Login with Template]
idvSelfieBiometricTemplate -->|FALSE| NormalLoginWithoutTemplate[Normal Login without Template]
NormalLoginWithTemplate --> getIDVSelfieProcessStartConfirmation[getIDVSelfieProcessStartConfirmation]
getIDVSelfieProcessStartConfirmation --> setIDVSelfieProcessStartConfirmation[setIDVSelfieProcessStartConfirmation]
setIDVSelfieProcessStartConfirmation --> sdkInitiatesSelfieCaptureText>"SDK initiates Selfie Capture"]
sdkInitiatesSelfieCaptureText --> onUserLoggedIn["onUserLoggedIn(Response)"]
NormalLoginWithoutTemplate --> onUserLoggedIn["onUserLoggedIn(Response)"]
AdditionalDeviceActivation --> addNewDeviceOptions["addNewDeviceOptions()"]
addNewDeviceOptions --> performVerifyAuth["performVerifyAuth(True)"]
performVerifyAuth --> ifAccessToActivatedDevice>"if access to activated device"]
performVerifyAuth --> ifNoAccessToActivatedDevice>"if no access to activated device"]
ifAccessToActivatedDevice --> relIdVerifyNotification["REL-ID Verify Notification (Receives on activated Device)"]
ifNoAccessToActivatedDevice --> fallbackNewDeviceActivationFlow["fallbackNewDeviceActivationFlow()"]
fallbackNewDeviceActivationFlow --> getActivationCodeAddDevice["getActivationCode(VerificationKey)"]
getActivationCodeAddDevice --> actCodeReceiveVia>"Activation code received via email/sms"]
actCodeReceiveVia --> setActivationCodeAddDevice["setActivationCode(<activationCode>)"]
relIdVerifyNotification --> AcceptRejectNotification>"Accept/Reject Notification(on activated Device)"] --> updateNotification["updateNotification()(on activated Device)"]
updateNotification --> onUpdateNotification["onUpdateNotification(on activated Device)"]
setActivationCodeAddDevice --> relIdIdvWorkflowAddDevice["(REL-ID IDV WORKFLOW)"]
relIdIdvWorkflowAddDevice --> idvAddDeviceActWithOrWithoutTemplate>"IDV-Addition Device Activation with or without Template"]
idvAddDeviceActWithOrWithoutTemplate --> getUserConsentForLDAAddDevice["getUserConsentForLDA(Response)"]
getUserConsentForLDAAddDevice --> setUserConsentForLDAAddDevice{"setUserConsentForLDA([True/False],[challengeMode], [authType])"}
setUserConsentForLDAAddDevice -->|TRUE| LDAPromptAddDevice[LDA Prompt] --> ProvideLDAAddDevice[Provide LDA]
setUserConsentForLDAAddDevice -->|FALSE| getPasswordAddDevice["getPassword()"] --> setPasswordAddDevice["setPassword([password])"]
ProvideLDAAddDevice --> onUserLoggedIn["onUserLoggedIn(Response)"]
setPasswordAddDevice --> onUserLoggedIn["onUserLoggedIn(Response)"]
AccRecovery --> AccRecoveryInfo>"(User has an active REL-ID where Device ID is same as this device, and has no other active REL-IDs (this is the only device they had activate before this device lost its client-side REL-ID, which could happen if they delete and reinstall the app"]
AccRecovery --> getActivationCodeAccRecovery["getActivationCode([verification Key])"]
getActivationCodeAccRecovery --> ActCodeAccRecoveryInfo>"Activation code received via email/sms"]
ActCodeAccRecoveryInfo --> setActivationCodeAccRecovery["setActivationCode([activationCode])"]
setActivationCodeAccRecovery --> relIdIdvWorkflowAccRecovery["(REL-ID IDV WORKFLOW)"]
relIdIdvWorkflowAccRecovery --> idvAddDeviceActWithOrWithoutTemplateAccRecovery>"IDV-Addition Device Activation with or without Template"]
idvAddDeviceActWithOrWithoutTemplateAccRecovery --> getUserConsentForLDAAccRecovery["getUserConsentForLDA(Response)"]
getUserConsentForLDAAccRecovery --> ResponseDetailsAccRecovery>"Response contains: userId, challengeMode, rdnaLDACapabilities, authType, and RDNAError"]
ResponseDetailsAccRecovery --> setUserConsentForLDAAccRecovery{"setUserConsentForLDA([True/False],
[challengeMode], [authType])"}
setUserConsentForLDAAccRecovery -->|TRUE| LDAPromptAccRecovery[LDA Prompt] --> ProvideLDAAccRecovery[Provide LDA]
setUserConsentForLDAAccRecovery -->|FALSE| getPasswordAccRecovery["getPassword()"] --> setPasswordAccRecovery["setPassword([password])"]
ProvideLDAAccRecovery --> onUserLoggedIn["onUserLoggedIn(Response)"]
setPasswordAccRecovery --> onUserLoggedIn["onUserLoggedIn(Response)"]
onUserLoggedIn --> postLoginWorkflow>"POST login workflows like IDV, REL-IDVerify, Authenticate User & SignData"]
postLoginWorkflow --> dashboardScreen[Dashboard Screen]:::noteRed
dashboardScreen --> userWantsToLogoff[User wants to Logoff]
dashboardScreen --> appCloseOrExit[Application Close/Exit]
userWantsToLogoff --> logOff[logOff]
logOff --> onUserLoggedOff[onUserLoggedOff]
onUserLoggedOff --> getUserPostLogin["getUser()(App redirects to the login screen)"]
appCloseOrExit --> terminate[terminate]
terminate --> onTerminate[onTerminate]
style onInitializeError fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onInitializeProgress fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onUserConsentThreats fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onTerminateWithThreats fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onInitialized fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style shouldProceedWithThreats fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getUser fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getActivationCode fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getUserConsentForLDA fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style LDAPrompt fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPassword fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style LDAPromptLogin fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPasswordLogin fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getIDVSelfieProcessStartConfirmation fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style addNewDeviceOptions fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style relIdVerifyNotification fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getActivationCodeAddDevice fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getUserConsentForLDAAddDevice fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style LDAPromptAddDevice fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPasswordAddDevice fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getActivationCodeAccRecovery fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getUserConsentForLDAAccRecovery fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style LDAPromptAccRecovery fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPasswordAccRecovery fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onUserLoggedIn fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onUserLoggedOff fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onTerminate fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getUserPostLogin fill:#d4fdd4,stroke:#228b22,stroke-width:2px
classDef noteRed color:red
style ActivationWorkflow fill:#e1d5e7,stroke:#228b22,stroke-width:2px
style LoginWorkflow fill:#e1d5e7,stroke:#228b22,stroke-width:2px
style AdditionalDeviceActivation fill:#e1d5e7,stroke:#228b22,stroke-width:2px
style AccRecovery fill:#e1d5e7,stroke:#228b22,stroke-width:2px
style relIdIdvWorkflow fill:#bac8d3,stroke:#228b22,stroke-width:2px
style relIdIdvWorkflowLogin fill:#bac8d3,stroke:#228b22,stroke-width:2px
style relIdIdvWorkflowAddDevice fill:#bac8d3,stroke:#228b22,stroke-width:2px
style relIdIdvWorkflowAccRecovery fill:#bac8d3,stroke:#228b22,stroke-width:2px
style RelIdSdkInitialize fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style MTD fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style takeActionOnThreats fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setUser fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style resetAuthState fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setActivationCode fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setUserConsentForLDA fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style ProvideLDA fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setPassword fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style ProvideLDALogin fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setPasswordLogin fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style idvSelfieBiometricTemplate fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setIDVSelfieProcessStartConfirmation fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style performVerifyAuth fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style fallbackNewDeviceActivationFlow fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setActivationCodeAddDevice fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style updateNotification fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setUserConsentForLDAAddDevice fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style ProvideLDAAddDevice fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setPasswordAddDevice fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setActivationCodeAccRecovery fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setUserConsentForLDAAccRecovery fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style ProvideLDAAccRecovery fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setPasswordAccRecovery fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style logOff fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style terminate fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
🟩 Green - Callbacks issued by REL-ID SDK
🟧 Orange - APIs invoked by the Client App
🛡️ Identity Verification (IDV) Process
The Identity Verification (IDV) process ensures secure user authentication across various use cases:
- 🚀 Activation Flow – Used during new user onboarding.
- 🔐 Login Flow – Enables secure access for returning users.
- 📱 Additional Device Activation Flow – Facilitates authentication when a user sets up a second device.
- 🆘 Account Recovery / Lost Device Flow – Supports user identity verification in scenarios involving lost, stolen, or inaccessible devices.
Updated 5 months ago