Skip to main content

Deep links

Deep links offer the same advantages as QR codes, with the added benefit of a smooth authentication flow in mobile-only scenarios.

Authentication with only a single device at hand can still be both secure and convenient. With deep links, it is possible to forgo the need for passwords, usernames, and even push notifications for smooth and secure authentication.

We recommend deep links as an authentication method, if the following are true for your business:

  • Your applications are mainly used on mobile devices.
  • You want an all-in-one, single-device authentication experience for your users.
  • You do not want to rely on the availability of push services on user devices.
  • You want the option for usernameless authentication.
  • You do not want to invest in major technical development.

Deep links contain the same transaction-related information as QR codes. But instead of manually opening an app on another device and scanning a code, the user only has to tap the presented link to go directly to the Access App and authenticate.

Deep links can be used as a second factor to increase the security of username and password login scenarios, and also as a first factor. In that case, both the password and the username are replaced by biometric authentication, substantially improving convenience as well as security.

Registration and authentication flow

To get started, you need the following information available:

  • Instance ID
  • Access Key

For more information on the instance ID and the Access Key, see the API documentation.

To implement and use deep links, see the instructions on the following pages:

  1. Register a mobile app
  2. Authenticate with QR codes or deep links

For more information about usernameless transaction approval, and how it can be implemented using deep links, see Usernameless authentication.

Read more about deep links in the Links - Mobile only section of the Access App documentation.