# Web login with QR code

# Use case

You are looking for a secure way for your end-users to log in to your website, but without the need for usernames and passwords. You want to achieve this whilst still offering a positive and seamless user experience for your end-users.

# How it works

Meet Jane, one of your active end-users who has activated MobileID in your mobile app. Jane needs to log in to your website so that she can access your online services.

  1. To do this, Jane navigates to your website and arrives at the login page.
  2. On this page, she sees the option to log in by scanning the displayed QR code with your mobile app. Jane opens your mobile app and scans the QR code.
  3. Your app displays a message asking if she wants to log in to your website.
  4. Jane approves the login request using biometrics or a PIN code, and is now able to access your online services.


Jane has now securely authenticated herself with two-factor authentication using your mobile app.

# What it looks like

The following diagram illustrates what a web login could look like with MobileID, from the perspective of your end-user.

MobileID web login click-to-zoom

# Implementation


This flow assumes that you are using MobileID and that the end-user has an active MobileID user and device.

There are many ways to implement MobileID for web login with a QR code. The following flow is a suggestion:

  1. The end-user visits your website and navigates to the login screen.
  2. Your server starts a login session.
  3. The website displays a QR code of the login session and asks the end-user to scan it.
  4. The end-user opens your mobile app and scans the QR code.
  5. Your mobile app will send a request to your server with the ID of the MobileID user and the login session.
  6. Your server connects the MobileID user to the login session and starts a MobileID authentication.
  7. The app displays a message asking the end-user to approve the login to your website.
  8. The end-user approves the login using biometrics or a PIN code.
  9. MobileID verifies the authentication and sends a response to your server and app; confirming the authentication.
  10. Your website grants the end-user access to their account.

Using MobileID for web login with a QR code is a straightforward and effective way to provide your end-users with a secure and seamless login experience.

# Sequence diagram

Sequence diagram for a MobileID web login with QR code click-to-zoom

# Learn more

Last updated: 04/03/2024 15:17 UTC