Steps for mobile integration

Introduction

Our SDK for mobile applications allows you to connect your mobile application with the MYDIGIPASS Authenticator for Mobile, so your users can fully benefit from the single and secure login experience offered by MYDIGIPASS.

At the same time, the SDK enables you to leverage your existing web integration. There is no need for a separate Secure Connect API integration with your mobile apps. However, a fully operational web integration environment is required.

Mobile authentication flow

If you haven’t done so already, review the Secure Connect API documentation first, especially the sequence diagram. Then compare it to the sequence diagram below.

authenticator for mobile integration sequence diagram
Figure 1. Mobile App Authentication Sequence
Notable steps
  • Your web application server initializes a session for your mobile application and generates the state parameter to prevent CSRF attacks. See the OAuth 2.0 spec for more info about the state parameter.

  • The SDK will communicate with the MYDIGIPASS Authenticator for Mobile which will request an OAuth Authorization Code on behalf of your mobile application after the user enters his PIN.

  • The MYDIGIPASS Authenticator for Mobile will return the OAuth Authorization Code to your mobile application via a special mobile redirect URI:

    • This mobile redirect URI needs to be registered on MYDIGIPASS.

    • On iOS this happens via custom URL schemes.

    • On Android this happens via the Intent mechanism.

  • Your mobile application sends the OAuth Authorization Code and state parameter to the redirect URI endpoint of your web application server just like a regular web browser.

  • Your server implementation of the Secure Connect API verifies the UUID of the user and marks your mobile application session as logged in.

Register your mobile app

Before you can use the Mobile App Authentication SDK with your application, you must register a redirect uri and provide a unique mobile application identifier for your mobile app. You will have to use both parameters when configuring the SDK in your app project.

Download the SDK for Mobile App Authentication

We currently support the iOS and Android platforms.

Integrate the SDK for Mobile App Authentication

Consult the SDK project README.md files: