The MIRACL Trust multi-factor authentication can be integrated directly into your mobile applications through the platform’s mobile SDKs, which enable the implementation of verification flows.
As a preliminary step, you need to configure the verification.
To register the device, the mobile application must consume the Verification URL obtained by the verification request. This URL can then be directly returned to the application where the verification process is completed.
Another option is to send the URL to the end user via any appropriate secure channel (email, SMS, etc.). When the user opens the Verification URL, your application must handle it as an App Link/Universal Link. To associate your application with the Verification URL, use the Android association and iOS app association fields in Mobile Applications under Configuration.
After the mobile application receives the Verification URL, it should confirm
the verification by calling the getActivationToken method of the
MIRACL Trust Android SDK or
MIRACL Trust iOS SDK:
intent?.data?.let { verificationUri ->
miraclTrust.getActivationToken(
verificationUri,
resultHandler = { result ->
when (result) {
is MIRACLSuccess -> {
val userId = result.value.userId
val activationToken = result.value.activationToken
// Use the activation token and the User ID to register the user.
}
is MIRACLError -> {
val error = result.value
// Cannot obtain activation token due to an error.
}
}
}
)
}
Uri verificationUri = intent.getData();
if (verificationUri != null) {
miraclTrust.getActivationToken(verificationUri, result -> {
if (result instanceof MIRACLSuccess) {
ActivationTokenResponse response =
((MIRACLSuccess<ActivationTokenResponse, ActivationTokenException>)
result).getValue();
String userId = response.getUserId();
String activationToken = response.getActivationToken();
// Use the activation token and the User ID to register the user.
} else {
MIRACLError<ActivationTokenResponse,
ActivationTokenException> error =
(MIRACLError<ActivationTokenResponse, ActivationTokenException>)
result;
// Cannot obtain activation token due to an error.
}
});
}
func scene(_ scene: UIScene, continue userActivity: NSUserActivity) {
guard let verificationURL = userActivity.webpageURL else {
return
}
MIRACLTrust
.getInstance()
.getActivationToken(verificationURL: verificationURL) { activationTokenResponse, error in
// Pass the activation token to the `register` method.
}
}
-(void)scene:(UIScene *)scene continueUserActivity:(NSUserActivity *)userActivity
{
if(userActivity.webpageURL == nil) {
return;
}
NSURL *verificationURL = userActivity.webpageURL;
[[MIRACLTrust getInstance]
getActivationTokenWithVerificationURL:verificationURL
completionHandler: ^(ActivationTokenResponse * _Nullable activationTokenResponse,
NSError * _Nullable error) {
// Pass the activation token to the `register` method.
}];
}
The result of the verification confirmation is an activation token. Use it to
call the register method. When a PIN is requested, prompt the end user to
enter one.
miraclTrust.register(
userId = USER_ID,
activationToken = activationToken,
pinProvider = { pinConsumer ->
// Ask the user to create a PIN code for their new User ID.
// Then pass the PIN code to the PinConsumer.
pinConsumer.consume(userPin)
},
resultHandler = { result ->
when (result) {
is MIRACLSuccess -> {
val user = result.value
}
is MIRACLError -> {
val error = result.value
// Cannot register a user due to an error.
}
}
}
)
miraclTrust.register(
USER_ID,
activationToken,
pinConsumer -> {
// Ask the user to create a PIN code for their new User ID.
// Then pass the PIN code to the PinConsumer.
pinConsumer.consume(userPin);
},
result -> {
if (result instanceof MIRACLSuccess) {
User user = ((MIRACLSuccess<User, RegistrationException>) result).getValue();
} else {
MIRACLError<User, RegistrationException> error =
(MIRACLError<User, RegistrationException>) result;
// Cannot register user due to an error.
}
}
);
MIRACLTrust.getInstance().register(
for: <#Unique user identifier (any string, i.e. email)#>,
activationToken: <#Activation token#>,
didRequestPinHandler: { pinProcessor in
// Here the user creates a PIN code for their new User ID.
pinProcessor(<#Provide your PIN code here#>)
},
completionHandler: { user, error in
// Get the user object or handle the error appropriately.
}
)
[[MIRACLTrust getInstance] registerFor:<#Unique user identifier (any string, i.e. email)#>
activationToken:<#Activation token#>
pushNotificationsToken:<#Push notifications token#>
didRequestPinHandler:^(void (^ _Nonnull pinProcessor)(NSString *)) {
// Here the user creates a PIN code for their new User ID.
pinProcessor(<#Provide your PIN code here#>)
} completionHandler:^(User * _Nullable user, NSError * _Nullable error) {
// Get the user object or handle the error appropriately.
}];
If the registration is successful, the enrolment process is completed. End users can now authenticate using the PIN chosen for the device. They can go through the verification process for each device they want to use for authentication or use QuickCode, if enabled, to enrol additional devices using the already enrolled one.
