Offline authentication

About offline authentication

Our offline authentication feature allows you to authenticate the end-user, even if the mobile device is offline.

How does offline authentication work?

From a mobile client perspective, the flow to perform an offline authentication could be as follows:

Flow part 1: Mobile app

  1. Activate the desired offline authentication method using our addOrUpdate operation.
  2. Authenticate with an online authentication method.
  3. Activate the offline authentication method.

Flow part 2: Service provider

  1. Start an offline authentication session.
  2. Present the verification data (containing a challenge and context) to the end-user, for example in a QR code on a website.

Flow part 3: Mobile app

  1. Scan the QR code and call startOfflineAuthentication(verificationData).
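    EncapController.shared.startOfflineAuthentication(verificationData: "VerificationData/String from QR code") { startResult in
        switch startResult {
        case .success(let startOfflineAuthResult):
            // Success: retrieve the context and authMethod from startOfflineAuthResult (step 2)
            break
        case .failure(let error):
            // Error: handle the failure and do not continue to finishOfflineAuthentication
            break
        }
    }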
  2. Retrieve the context and authMethod from StartOfflineAuthenticationResult.
  3. Display the context and call finishOfflineAuthentication to let the end-user authenticate, using the authMethod from startResult.
  4. If finishOfflineAuthentication is successful, display the one-time password from FinishOfflineAuthenticationResult and let the end-user enter it on the website.
    EncapController.shared.finishOfflineAuthentication(withAuthMethod: .offlineDevice) { finishResult in
        switch finishResult {
        case .success(let finishOfflineAuthResult):
            // Success: display the one-time password from finishOfflineAuthResult to the end-user
            break
        case .failure(let errorResult):
            // Error: handle the failure; no one-time password is available
            break
        }
    }

Additional information

  • It is possible to select a different PIN for AuthMethod.offlinePin and AuthMethod.pin.
  • It is only possible to add offline authMethods one at a time with the addOrUpdate operation, not during the initial activation.

Supported offline auth parameters

  • AuthMethod.offlineDevice
  • AuthMethod.offlinePin(value: String)
  • AuthMethod.offlineStrongTouchID(prompt: String?)
  • AuthMethod.offlineFaceID