# Offline authentication
Page contents
# Overview
It is possible to authenticate the end-user, even if the mobile device is offline. For more detailed information, see our Offline authentication Encap feature guide.
# Offline authentication flow
From a mobile client perspective, the flow to perform an offline authentication could be as follows:
Mobile App
- Activate the desired offline authentication method using our
addOrUpdate
operation, authenticate with online authentication method, and activate offline authentication method.
- Activate the desired offline authentication method using our
Service provider
- Start an offline authentication session.
- Present the verification data (containing a challenge and context) to the end-user. For example, in a QR code on a website.
Mobile app
- Scan the QR code and call
startOfflineAuthentication(verificationData)
.EncapController.shared().startOfflineAuthentication("VerificationData/String from QR code") { startOfflineAuthResult in // Success } onError: { error in // Error }
- Retrieve the
context
andauthMethod
fromStartOfflineAuthenticationResult
. - Display the
context
and callfinishOfflineAuthentication
to let the end-user authenticate, using theauthMethod
fromstartResult
. - If
finishOfflineAuthentication
is successful, then display the one-time password fromFinishOfflineAuthenticationResult
and let the end-user enter it in the website.let authParam = EncapOfflineDeviceAuthParameter() EncapController.shared().finishOfflineAuthentication(authParam) { finishOfflineAuthResult in // Success } onError: { error in // Error }
- Scan the QR code and call
# Additional information
It is possible to select a different PIN code for
AuthMethod.OFFLINE_PIN
andAuthMethod.DEVICE_PIN
.It is only possible to add offline
authMethods
one at a time with theaddOrUpdate
operation, not during the initial activation.
# Supported Offline auth parameters
EncapOfflineDeviceAuthParameter
EncapOfflinePinAuthParameter
EncapOfflineStrongTouchIDAuthParameter
EncapOfflineFaceIDAuthParameter