You are developing a mobile application in which, once the user has logged in with biometrics, they can call OneWelcome APIs to perform different operations without providing a password or even a username.
How does this work?
For this scenario, let's assume that you are building a mobile application that allows users to view their insurance policy, and you want them to log in to the app without any username and password, just by using biometrics such as fingerprint and/or face recognition. Once logged in to the app, the user is able to see details about his/her insurance policy.
To achieve such a flow, the user must already have an existing OMI device. For details about how to enrol a new user, please consult "Adding Mobile Identity to your registration process".
A step by step flow would look like this:
- User opens your application with OMI embedded
- Logs in with either face recognition or fingerprint
- Immediately sees information about his/her insurance policy
What parts of the API do you need?
For the user to see information about his/her insurance policy, an access token with the proper scopes is needed so that the APIs which return that information can be called.
For issuing an access token, the following API has to be called:
Step by step
A step by step flow for creating a session in OneWelcome once you are logged in to your native web application would look like this:
- User opens the application and signs in to the app using a fingerprint or some other passwordless means
- A session is created in the application
- The application session, along with some other data such as the client id, the client secret and the application authorisations (scopes), is exchanged, using the API from above, for a Single Sign on Token, an Access Token and an ID Token
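
The exchange in the last step returns the access token that the policy APIs require, so the application should confirm that the response actually carries the scopes it needs before using it. The following is an added example, not OneWelcome code: it assumes the response uses OAuth 2.0 field names (`access_token`, `id_token`, `scope`, `expires_in`, `token_type`), and the `sso_token` field name, the `policy:read` scope and the sample values are hypothetical.

```python
import time

class TokenResponseError(ValueError):
    """Raised when a token-exchange response must not be used."""

def validate_token_response(resp, requested, required, now=None):
    """Check a parsed exchange response; return what the API call needs."""
    now = time.time() if now is None else now
    # The flow yields three tokens; refuse a response that lacks any of them.
    # "sso_token" is an assumed field name, the other two are OAuth 2.0 / OIDC names.
    for field in ("sso_token", "access_token", "id_token"):
        if not isinstance(resp.get(field), str) or not resp[field]:
            raise TokenResponseError("missing " + field)
    if str(resp.get("token_type", "")).lower() != "bearer":
        raise TokenResponseError("unexpected token_type")
    # RFC 6749 section 5.1: "scope" may be omitted only when the granted
    # scope equals the requested scope, so fall back to what was requested.
    scope = resp.get("scope")
    granted = set(scope.split()) if isinstance(scope, str) else set(requested)
    missing = set(required) - granted
    if missing:
        raise TokenResponseError("scopes not granted: " + " ".join(sorted(missing)))
    # This example insists on a lifetime so the app knows when to exchange again.
    lifetime = resp.get("expires_in")
    if isinstance(lifetime, bool) or not isinstance(lifetime, (int, float)) or lifetime <= 0:
        raise TokenResponseError("missing or invalid expires_in")
    return {
        "authorization": "Bearer " + resp["access_token"],
        "expires_at": now + lifetime,
        "granted": sorted(granted),
    }

# Constructed sample response; the token values are placeholders, not real tokens.
SAMPLE = {
    "sso_token": "SSO-PLACEHOLDER",
    "access_token": "AT-PLACEHOLDER",
    "id_token": "IDT-PLACEHOLDER",
    "token_type": "Bearer",
    "expires_in": 300,
    "scope": "openid policy:read",
}

if __name__ == "__main__":
    print(validate_token_response(SAMPLE, ["openid", "policy:read"], ["policy:read"], now=0))
```

A server may grant fewer scopes than were requested, which is why the check compares against the granted set rather than the request.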