Updating any credential
Credential Update Flow in Ditto ID SDK
The Update Credentials feature in the Ditto ID SDK allows users to securely change sensitive authentication details such as their password, secret question & answer (SecQA), or pattern after they are logged in. This feature is designed to support post-login user security hygiene and profile management.
This flow is interactive and involves coordination between the client app, the Ditto ID SDK, and the backend. The SDK handles user prompts and flow logic, while the application is responsible for initiating the process and making relevant API calls.
Overview
Once a user is authenticated, the application may allow them to update their credentials (e.g., password, secret question, pattern). This flow is handled collaboratively by the application, the Ditto ID SDK, and backend APIs. Here's how it works:
- User is already logged in; this is the starting condition.
- The application calls the getAllChallenges API to fetch all updatable credentials for the user.
- The SDK triggers onCredentialsAvailableForUpdate, supplying a list of credentials eligible for update.
- The user selects the credential they wish to update (e.g., password, secret question, or pattern).
- The application invokes the initiateUpdateFlowForCredential API with the selected credential.
- Based on the type of credential:
  - For Password:
    - SDK triggers the getPassword event with RDNA_OP_UPDATE_CREDENTIALS mode.
    - The app collects the new password and calls the updatePassword API.
  - For Secret Q&A:
    - SDK triggers the getSecretAnswer event.
    - The app collects the new Q&A and calls the setSecretQuestionAnswer API.
  - For Pattern:
    - SDK directly shows the pattern update screen.
- Once the backend confirms the update, the SDK triggers onUpdateCredentialResponse to indicate success or failure of the update process.
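One way an app could enforce the step order above, as an added example that is not Ditto ID SDK code: a small state machine that accepts each event or API call only in its place and acts on getPassword only when challengeMode is RDNA_OP_UPDATE_CREDENTIALS. Event and API names come from this page; the method signatures, credential labels and the recording mock SDK are assumptions, and only the password branch is shown.

```javascript
// Added example. Event and API names are from the page; every signature, the
// credential labels and the recording mock SDK are assumptions.
const RDNA_OP_UPDATE_CREDENTIALS = 2; // challengeMode value shown in the flowchart

class UpdateCredentialFlow {
  state = 'IDLE'; available = []; selected = null; lastResult = null;
  constructor(sdk) { this.sdk = sdk; } // hypothetical wrapper exposing the page's API names

  // Move to the next step only if the event or call arrives in order.
  step(from, to, what) {
    if (this.state !== from) throw new Error(`${what} not allowed in state ${this.state}`);
    this.state = to;
  }
  start() { this.step('IDLE', 'REQUESTED', 'start'); this.sdk.getAllChallenges(); }
  onCredentialsAvailableForUpdate(list) {
    this.step('REQUESTED', 'LISTED', 'onCredentialsAvailableForUpdate');
    this.available = list;
  }
  select(credential) {
    if (!this.available.includes(credential)) throw new Error(`${credential} is not updatable`);
    this.step('LISTED', 'INITIATED', 'select');
    this.selected = credential;
    this.sdk.initiateUpdateFlowForCredential(credential);
  }
  onGetPassword(challengeMode, newPassword) {
    if (challengeMode !== RDNA_OP_UPDATE_CREDENTIALS) throw new Error(`unexpected challengeMode ${challengeMode}`);
    if (this.selected !== 'Password') throw new Error('password update was not selected');
    this.step('INITIATED', 'SUBMITTED', 'getPassword');
    this.sdk.updatePassword(newPassword, challengeMode);
  }
  onUpdateCredentialResponse(success) {
    this.step('SUBMITTED', 'IDLE', 'onUpdateCredentialResponse');
    this.lastResult = success; this.selected = null; this.available = [];
  }
}

// Constructed run: one password update, with a duplicate getPassword event refused.
function demo() {
  const calls = [];
  const flow = new UpdateCredentialFlow(new Proxy({}, { get: (_, api) => () => calls.push(api) }));
  flow.start();
  flow.onCredentialsAvailableForUpdate(['Password', 'SecQA', 'Pattern']);
  flow.select('Password');
  flow.onGetPassword(RDNA_OP_UPDATE_CREDENTIALS, 'constructed-new-password');
  let duplicateRefused = false;
  try { flow.onGetPassword(RDNA_OP_UPDATE_CREDENTIALS, 'other'); } catch { duplicateRefused = true; }
  flow.onUpdateCredentialResponse(true);
  return { calls, duplicateRefused, state: flow.state, result: flow.lastResult };
}
```

The Secret Q&A branch would follow the same shape, with getSecretAnswer checked against the same challengeMode before setSecretQuestionAnswer is called.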
Flowchart
flowchart TD
UserLoggedIn[User is logged in] --> GetAllChallenges[API calls getAllChallenges]
GetAllChallenges --> oncredentialsavailableforupdate[SDK triggers oncredentialsavailableforupdate with available credentials]
oncredentialsavailableforupdate --> SelectCredential[User selects credential to update]
SelectCredential --> initiateUpdateFlowForCredential[API calls initiateUpdateFlowForCredential for the selected credential]
initiateUpdateFlowForCredential -- Password --> getPassword[SDK triggers getPassword, challengeMode RDNA_OP_UPDATE_CREDENTIALS/2]
getPassword --> updatePassword[API calls updatePassword, RDNA_OP_UPDATE_CREDENTIALS/2]
initiateUpdateFlowForCredential -- SecQA --> getSecretAnswer[SDK triggers getSecretAnswer, challengeMode RDNA_OP_UPDATE_CREDENTIALS/2]
getSecretAnswer --> setSecretAnswer[API calls setSecretQuestionAnswer, challengeMode RDNA_OP_UPDATE_CREDENTIALS/2]
initiateUpdateFlowForCredential -- Pattern --> showPattern[REL-ID SDK shows update Pattern screen]
onUpdateCredentialResponse[SDK triggers onUpdateCredentialResponse]
updatePassword --> onUpdateCredentialResponse
setSecretAnswer --> onUpdateCredentialResponse
style oncredentialsavailableforupdate fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getPassword fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style onUpdateCredentialResponse fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style getSecretAnswer fill:#d4fdd4,stroke:#228b22,stroke-width:2px
style GetAllChallenges fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style initiateUpdateFlowForCredential fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style updatePassword fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
style setSecretAnswer fill:#ffe4b3,stroke:#ff8c00,stroke-width:2px
Notes
- All credential updates are processed in the mode RDNA_OP_UPDATE_CREDENTIALS.
- The SDK handles event-based UI triggers, while the app invokes the actual APIs.
- onUpdateCredentialResponse provides the final outcome to the app.
