TOTP in Online Mode

🌐 REL-ID SDK: TOTP Flow (Online Mode)

🔎 Overview

In online mode, TOTP (Time-based One-Time Password) is used to provide secure, time-bound one-time codes after the user logs in. This flow involves SDK-driven registration and real-time TOTP generation.


🔁 Flow Breakdown

flowchart TD
    A[👤 User is Logged In] --> TOTPRegistration[⚙️ SDK performs TOTP Registration]
    TOTPRegistration --> A1[📥 App calls fetchRegisteredTOTPUsers]
    A1 -->|✅ User registered for TOTP| A2[🆗 App shows 'Generate TOTP' option]
    A2 --> B[👉 User Selects 'Generate TOTP']
    B --> C[📞 App calls generateTOTP]
    C --> F[📤 SDK emits onTOTPGenerated]
    F --> G[📲 App Displays TOTP and Expiry Timer]

    %% Success Callback Styling
    style F fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    
    %% App-Initiated Call Styling
    style A1 fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style C fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px

🟩 Green - Callbacks issued by REL-ID SDK
🟧 Orange - APIs invoked by the Client App


🧩 Step-by-Step Explanation

✅ 1. User Logs In

  • After successful login, the SDK automatically attempts to register the user for TOTP (if not already registered).

🔍 2. App Verifies Eligibility

  • App calls fetchRegisteredTOTPUsers() to check which users are eligible for TOTP.
  • If the user is registered, the app enables the "Generate TOTP" option.

👉 3. User Requests TOTP

  • User taps on "Generate TOTP" in the app UI.

📞 4. App Calls generateTOTP(userID)

  • This triggers the SDK to generate a new TOTP.
  • Depending on configuration, the SDK may require the user to authenticate first, using LDA (Local Device Authentication) or a password.

📤 5. SDK Emits onTOTPGenerated

  • SDK returns the one-time code and its expiration (in seconds) via the onTOTPGenerated event.

📲 6. App Displays Code

  • App displays the TOTP along with a countdown timer to indicate expiration.

📝 Notes

  • TOTP can be used for step-up authentication or secure offline logins.
  • Ensure proper UI feedback for expiry and regeneration.
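
Added example (not REL-ID SDK code): one way an app could hold the state for steps 4 to 6 and drive the expiry and regeneration feedback mentioned in the notes. The class name TotpDisplay and the payload fields totp and expiresInSeconds are assumptions; this page does not show the shape of the onTOTPGenerated payload.

```javascript
// Added example, not REL-ID SDK code. Payload field names are assumed.
class TotpDisplay {
  // `now` returns milliseconds; injectable for tests. Prefer a monotonic source.
  constructor(now = () => Date.now()) {
    this.now = now;
    this.pendingUser = null; // set between generateTOTP() and onTOTPGenerated
    this.clear();
  }

  // Call immediately before the app invokes generateTOTP(userID).
  request(userID) {
    this.clear();            // never show the previous code while waiting
    this.pendingUser = userID;
  }

  // Call from the onTOTPGenerated handler. Returns true if the code is shown.
  accept({ totp, expiresInSeconds } = {}) {
    if (this.pendingUser === null) return false; // unsolicited or repeated event
    const user = this.pendingUser;
    this.pendingUser = null;                     // one event per request
    const ttl = Number(expiresInSeconds);
    if (typeof totp !== 'string' || totp === '') return false;
    if (!Number.isFinite(ttl) || ttl <= 0) return false;
    this.user = user;
    this.code = totp;
    this.deadline = this.now() + ttl * 1000;     // fix the deadline once, at receipt
    return true;
  }

  // Call on every timer tick; the UI renders exactly what this returns.
  view() {
    const remaining = Math.ceil((this.deadline - this.now()) / 1000);
    if (this.code === null || remaining <= 0) {
      this.clear();          // drop the expired code from memory and screen
      return { user: null, code: null, remaining: 0,
               canRegenerate: this.pendingUser === null };
    }
    return { user: this.user, code: this.code, remaining, canRegenerate: false };
  }

  clear() {
    this.user = null;
    this.code = null;
    this.deadline = 0;
  }
}
```

Fixing the deadline once at receipt keeps the countdown correct even if timer ticks are delayed or the screen is re-rendered, and rejecting events with no pending request stops a repeated callback from putting a code back on screen.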