The MIRACL Trust Authenticator is a mobile application available for the two major platforms - iOS and Android. It lets you use the MIRACL Trust authentication technology with minimal integration, allowing you to authenticate to a web application, regardless of where it is accessed from.
To use Custom User Verification with the MIRACL Trust Authenticator, you must first set up a Custom Verification URL in the MIRACL Trust Portal. When the end user starts registering in the MIRACL Trust Authenticator, they are redirected to the Custom Verification URL. To register the user, the MIRACL Trust Authenticator must consume the Verification URL obtained by the verification request (as described in Custom User Verification).
Note that the Custom Verification URL is different from the Verification URL. The Custom Verification URL is the URL for registering in your system that you set up in the MIRACL Trust Portal. The Verification URL is issued by the platform and is used to transfer the verification to the platform, finishing the verification flow.
You can redirect the end user to the Verification URL which will be handled by the MIRACL Trust Authenticator.
Another option is to send the Verification URL to the end user via any appropriate secure channel (email, SMS, etc.), and when they open it, the verification is completed.
If the registration is successful, the enrolment process is completed. End users can now authenticate using the PIN chosen for the device. They can go through the verification process for each device they want to use for authentication or use QuickCode, if enabled, to enrol additional devices using the already enrolled one.
# Flow
sequenceDiagram Client ->> RPA: Request protected resource RPA ->>+ MIRACL Trust Authorization Page: Redirect to MIRACL Trust OIDC Authorization Page for authentication MIRACL Trust Authorization Page ->>+ MIRACL Trust Authenticator: Scan QR code on desktop or press "Launch app" on mobile opt User verification MIRACL Trust Authenticator -->>+ RPA: Open Custom Verification URL in web view RPA ->> RPA: Verify user RPA ->>- MIRACL Trust Authenticator: Redirect to Verification URL MIRACL Trust Authenticator ->> MIRACL Trust Authenticator: Enrol device end MIRACL Trust Authenticator ->> MIRACL Trust Authenticator: Authenticate MIRACL Trust Authenticator -->>- MIRACL Trust Authorization Page: User authenticated MIRACL Trust Authorization Page -->>- Client: Redirect to the OIDC Redirect URL on record Client ->> RPA: Request protected resource with proof of authentication RPA ->>+ MIRACL API: Exchange Access Code for ID Token and Access Token MIRACL API -->>- RPA: Return the ID Token and Access Token RPA -->> Client: Provide protected resource
RPA stands for Relying Party Application; in this case, it is your application’s backend.
