Local Authentication

With the local authentication feature of the OneSpan Orchestration SDK, the user can authenticate to the Customer Website using a one-time password (OTP) generated via the Customer Mobile Application. The OTP can be transmitted manually by the user, or remotely by the Customer Mobile Application. An authentication method must be defined to authenticate the user before the OTP is generated. See Authentication methods for more information.

Local authentication workflow illustrates the local authentication workflow with a manual transmission of the OTP.

1. The user initializes an authentication request via the Customer Mobile Application (e.g. for login purposes), providing their user identifier.

2. The Customer Mobile Application calls the startLocalAuthentication method of the Orchestration SDK to perform the local authentication with a given authentication method (see Authentication methods for more information).

3. The Orchestration SDK prompts the user to authenticate by using an authentication method defined by the Customer Mobile Application.

4. In case of successful user authentication, the Orchestration SDK generates a one-time password (OTP), and transmits it to the Customer Mobile Application using the onLocalAuthenticationSuccess method.

5. The Customer Mobile Application displays the OTP to the user.

6. The user initializes an authentication request via the Customer Website (e.g. for login purposes), by providing their user identifier and the generated OTP. This request is transmitted to the Customer Application Server.

7. The Customer Application Server calls the login method of the OneSpan Trusted Identity platform to verify the OTP.

8. The Customer Application Server provides a response to the Customer Website by indicating the success of the authentication request.

9. The user is logged in to the Customer Website.

For more information about integrating this feature, see Local authentication.