2

Authenticating AE SDK users

The SDK provides 2 main ways to authenticate users:

  1. SMS flow.
  2. Using a JWT token that will be generated by the hosting site/app.

The authentication method you choose is saved as part of your app key settings and can be changed by contacting the SDK team.

SMS flow

The SMS flow consists of 3 steps:

  1. Request the user to enter his phone number.
  2. Send the user SMS with a generated code (OTAC).
  3. Verify the user's identity by asking him to enter the code he got in the SMS.

The SMS flow Login screen will to be visible to the customer in 2 cases:

  1. The "SMS Flow" option is enabled for the app key (can be done in the SDK Backoffice).
  2. User will see the SMS login screen as a fallback if both of the options "SMS Flow" and "JWT authentication token" are enabled for the appkey and JWT authentication failed (for ex: if the token is invalid or expired).

Using JWT token

In this flow the SDK will validate a JWT token it got from the hosting site/app and sign the user in based on the token's claims.

For this flow to work 2 conditions must be met:

  1. Info about the token needs to be provided to the team by Contacting us - this is a one time process that will include information like the token's issuer, it's claims and so on.
  2. The signIn method needs to be called with your token.

Speisific info about the signIn method for each platform can be found here:

  1. Web
  2. Android
  3. iOS
Last updated on 6/18/2020 by Shai Amsalem
PreviousNext