TOTP in Online Mode
š REL-ID SDK: TOTP Flow (Online Mode)
š Overview
In online mode, TOTP (Time-based One-Time Password) is used to provide secure, time-bound one-time codes after the user logs in. This flow involves SDK-driven registration and real-time TOTP generation.
š Flow Breakdown
flowchart TD
A[š¤ User is Logged In] --> TOTPRegistration[āļø SDK performs TOTP Registration]
TOTPRegistration --> A1[š„ App calls fetchRegisteredTOTPUsers]
A1 -->|ā
User registered for TOTP| A2[š App shows 'Generate TOTP' option]
A2 --> B[š User Selects 'Generate TOTP']
B --> C[š App calls generateTOTP]
C --> F[š¤ SDK emits onTOTPGenerated]
F --> G[š² App Displays TOTP and Expiry Timer]
%% Success Callback Styling
style F fill:#d4fdd4,stroke:#228b22,stroke-width:2px
%% App-Initiated Call Styling
style A1 fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style C fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
š© Green - Callbacks issued by REL-ID SDK
š§ Orange - APIs invoked by the Client App
š§© Step-by-Step Explanation
ā
1. User Logs In
- After successful login, the SDK automatically attempts to register the user for TOTP (if not already registered).
š 2. App Verifies Eligibility
- App calls
fetchRegisteredTOTPUsers()to check which users are eligible for TOTP. - If the user is registered, the app enables the "Generate TOTP" option.
š 3. User Requests TOTP
- User taps on "Generate TOTP" in the app UI.
š 4. App Calls generateTOTP(userID)
generateTOTP(userID)- This triggers the SDK to generate a new TOTP.
- Depending on configuration, the SDK may require authentication (LDA or password).
š¤ 5. SDK Emits onTOTPGenerated
onTOTPGenerated- SDK returns the one-time code and its expiration (in seconds) via the
onTOTPGeneratedevent.
š² 6. App Displays Code
- App displays the TOTP along with a countdown timer to indicate expiration.
š Notes
- TOTP can be used for step-up authentication or secure offline logins.
- Ensure proper UI feedback for expiry and regeneration.
Updated 8 months ago
Whatās Next