User Authentication

User Authentication via the Auth Armor App

All APIs used in this flow:

• Start Authenticator Registration: docs.autharmor.com/reference/post_v3-users-authenticator-register-start
• Poll userinfo endpoint to get auth status/info: docs.autharmor.com/reference/get_v3-auth-auth-request-id
• Start Authenticator Registration for existing user: docs.autharmor.com/reference/post_v3-users-user-id-authenticator-register-start

Guide:

The above diagram shows the flow of API calls you need to make to get users signed up for your product.

• As a helper, your product user might or might not have the Auth Armor Authenticator app installed.
• If a user doesn’t have the Auth Armor mobile app, upon scanning the QR Code generated, the user will be redirected to download the mobile app solving for when the end user is new to the AuthAmour authentication flow/app.

User Authentication via WebAuthn

All APIs used in this flow:

• Start WebAuthin Registration: docs.autharmor.com/reference/post_v3-auth-webauthn-start
• Send WebAuthin data back to Auth Armor: docs.autharmor.com/reference/post_v3-users-webauthn-register-finish
• Start WebAuthIn Registration for existing user: docs.autharmor.com/reference/post_v3-users-user-id-webauthn-register-start
• Send WebAuthIn data back for existing user: docs.autharmor.com/reference/post_v3-users-user-id-webauthn-register-finish

Guide

As another solid authentication channel, you are able to replace the Auth Armor mobile app with native WebAuthin mechanisms provided by current device operating systems.

• The above flow shows the API calls you need to make it work with Auth Armor.
• Much of the webauthin work is device-specific, hence it is recommended to read on how to do so for the devices you want to support.
• Web, Mobile, Desktop, etc.

User Authentication via Magic Links

All APIs used in this flow:

• Start MagicLinks Registration: /reference/post_v3-users-magiclink-email-register-start

• Validate MagicLink token: /reference/post_v3-users-register-magiclink-email-validate

• Start MagicLinks Registration for existing user /reference/post_v3-users-user-id-magiclink-email-register-start

Guide

• The above diagram showcases the API calls you need to make to get users signed up using for your product via the Auth Armor MagicLinks method.

Get user enrollment status:

• Under all these authentication methods, you need to check if a user has authenticated via them already. You need to call the User Auth Info API to get the details on that.
• It is recommended you do so, to prevent unnecessary calls and for enrollment to new methods.
• Auth Status API: docs.autharmor.com/reference/get_v3-auth-auth-request-id

GET /connect/token HTTP/1.1
Host: api.autharmor.com/v3/auth/{auth_request_id}
Content-Type: application/json

Enrolling already authenticated users to use other authentication methods:

• Given Auth Armor provides multiple authentication methods, users can signup via other channels if you implement such a solution.
• Under this scenario, if a user has already registered to your product via another Auth Armor authentication method.
• All you need to do is to enroll them via an API call below and provide the pre-saved user_id of the user whom you wish to enable this authentication method for.
• You can get the user_id from the above Auth Status API

Endpoints:

• Enroll existing user to Authenticator Method: docs.autharmor.com/reference/post_v3-users-user-id-authenticator-register-start
• Enroll existing user to WebAuthIn Method: docs.autharmor.com/reference/post_v3-users-user-id-webauthn-register-start
• Finish existing user enrollment for WebAuthIn Method: docs.autharmor.com/reference/post_v3-users-user-id-webauthn-register-finish
• Enroll existing user to MagicLink Method: docs.autharmor.com/reference/post_v3-users-user-id-magiclink-email-register-start