🔄 Credential Update Flow in REL-ID SDK

The Update Credentials feature in the REL-ID SDK allows users to securely change sensitive authentication details such as their password, secret question & answer (SecQA), or pattern after they are logged in. This feature is designed to support post-login user security hygiene and profile management.

This flow is interactive and involves coordination between the client app, the REL-ID SDK, and the backend. The SDK handles user prompts and flow logic, while the application is responsible for initiating the process and making relevant API calls.

🧠 Overview

Once a user is authenticated, the application may allow them to update their credentials (e.g., password, secret question, pattern). This flow is handled collaboratively by the application, the REL-ID SDK, and backend APIs. Here's how it works:

User is already logged in – this is the starting condition.
The application calls getAllChallenges API to fetch all updatable credentials for the user.
The SDK triggers onCredentialsAvailableForUpdate , supplying a list of credentials eligible for update.
The user selects the credential they wish to update (e.g., password, secret question, or pattern).
The application invokes initiateUpdateFlowForCredential API with the selected credential.
Based on the type of credential:
- For Password:
  - SDK triggers getPassword event with RDNA_OP_UPDATE_CREDENTIALS mode.
  - The app collects the new password and calls updatePassword API.
- For Secret Q&A:
  - SDK triggers getSecretAnswer event.
  - The app collects the new Q&A and calls setSecretQuestionAnswer API.
- For Pattern:
  - SDK directly shows the pattern update screen.
Once the backend confirms the update, the SDK triggers onUpdateCredentialResponse to indicate success or failure of the update process.

🔁 Flowchart

flowchart TD
    UserLoggedIn[User is logged in] --> GetAllChallenges[API calls getAllChallenges]
    GetAllChallenges --> oncredentialsavailableforupdate[SDK triggers oncredentialsavailableforupdate with available credentials]
    oncredentialsavailableforupdate --> SelectCredential[User selects crededential to update]
    SelectCredential --> initiateUpdateFlowForCredential[API calls initiateUpdateFlowForCredential for the selected credential]
    initiateUpdateFlowForCredential -- Password --> getPassword[SDK triggers getPassword, challengeMode RDNA_OP_UPDATE_CREDENTIALS/2]
    getPassword --> updatePassword[API calls updatePassword, RDNA_OP_UPDATE_CREDENTIALS/2]
    initiateUpdateFlowForCredential -- SecQA --> getSecretAnswer[SDK triggers getSecretAnswer, challengeMode RDNA_OP_UPDATE_CREDENTIALS/2]
    getSecretAnswer --> setSecretAnswer[API calls setSecretQuestionAnswer, challengeMode RDNA_OP_UPDATE_CREDENTIALS/2]
    initiateUpdateFlowForCredential -- Pattern --> showPattern[REL-ID SDK shows update Pattern screen ]
    onUpdateCredentialResponse[SDK triggers onUpdateCredentialResponse]
    updatePassword --> onUpdateCredentialResponse
    setSecretAnswer --> onUpdateCredentialResponse

    style oncredentialsavailableforupdate fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style getPassword fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style onUpdateCredentialResponse fill:#d4fdd4,stroke:#228b22,stroke-width:2px
    style getSecretAnswer fill:#d4fdd4,stroke:#228b22,stroke-width:2px

    style GetAllChallenges fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style initiateUpdateFlowForCredential fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style updatePassword fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
    style setSecretAnswer fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px

📘 Notes

All credential updates are processed in the mode RDNA_OP_UPDATE_CREDENTIALS.
The SDK handles event-based UI triggers, while the app invokes the actual APIs.
onUpdateCredentialResponse provides the final outcome to the app.