# Offline authentication
# Overview
It is possible to authenticate the end-user, even if the mobile device is offline. For more detailed information, see our Offline authentication Encap feature guide.
# Offline authentication flow
From a mobile client perspective, the flow to perform an offline authentication could be as follows:
Mobile App
- Activate the desired offline authentication method using our
addOrUpdate
operation, authenticate with an online authentication method, and activate offline authentication method.
- Activate the desired offline authentication method using our
Service provider
- Start an offline authentication session.
- Present the verification data (containing a challenge and context) to the end-user. For example, in a QR code on a website.
Mobile app
- Scan the QR code and call
startOfflineAuthentication(verificationData)
. - Retrieve the
context
andauthMethod
fromStartOfflineAuthenticationResult
. - Display the
context
and callfinishOfflineAuthentication()
to let the end-user authenticate, using theauthMethod
fromstartResult
. - If
finishOfflineAuthentication
is successful, then display the one-time password fromFinishOfflineAuthenticationResult
and let the end-user enter it on the website.
- Scan the QR code and call
# Additional information
It is possible to select a different PIN code for
AuthMethod.OFFLINE_PIN
andAuthMethod.DEVICE_PIN
.For authentication with
DeviceAndroidFingerprint
and activation ofOfflineAndroidFingerprint
, the API will create a temporary state change callback allowing the app to close the first fingerprint dialogue and display the second one.AuthMethod.OFFLINE_DEVICE
corresponds toOFFLINE
in the feature description.AuthMethod.OFFLINE_DEVICE
'stoString()
returnsOFFLINE
.