Class RegistrationAbstract

The object that can be used to trigger a registration operation.

Usage example:

  class AuthenticatorSelectorImpl extends AuthenticatorSelector {
      async selectAuthenticator(
          context: AuthenticatorSelectionContext,
          handler: AuthenticatorSelectionHandler
      ): Promise<void> {
          await handler.aaid(aaid).catch(console.error);
      }
  }

  class BiometricUserVerifierImpl extends BiometricUserVerifier {
      async verifyBiometric(
          context: BiometricUserVerificationContext,
          handler: BiometricUserVerificationHandler
      ): Promise<void> {
          await handler
              .listenForOsCredentials(
                  BiometricPromptOptions.create(
                      'Biometric authentication required',
                      'Cancel',
                      'Please identify yourself.'
                  )
              )
              .catch(console.error);
      }
  }

  async register(
      client: MobileAuthenticationClient,
      username: string,
      deviceInformation: DeviceInformation
   ): Promise<void> {
      await client.operations.registration
          .username(username)
          .deviceInformation(deviceInformation)
          .authenticatorSelector(new AuthenticatorSelectorImpl())
          .biometricUserVerifier(new BiometricUserVerifierImpl())
          .onSuccess(() => {
              // handle success
          })
          .onError((_error) => {
              // handle error
          })
          .execute();
   }

The biometric, device passcode and fingerprint authenticators are enrolled at the OS level. That is why, if one of them must be registered, the user must authenticate through BiometricUserVerifier, DevicePasscodeUserVerifier or FingerprintUserVerifier. In the case of the PIN and password, the credentials are enrolled during registration, so no authentication is needed.

See

Operations.registration

Hierarchy

Methods

requestHeaders execute username serverUrl deviceInformation authorizationProvider allowClass2AndroidSensors allowDevicePasscodeAsFallback invalidateOnNewOsBiometrics authenticatorSelector pinEnroller passwordEnroller biometricUserVerifier devicePasscodeUserVerifier fingerprintUserVerifier onSuccess onError

Methods

Abstract requestHeaders

Abstract execute

  • Executes the operation asynchronously.

    Returns Promise<void>

Abstract username

  • Specifies the username that must be used to register.

    IMPORTANT
    Providing the username is required.

    Parameters

    • username: string

      the username.

    Returns Registration

    a Registration object.

Abstract serverUrl

Abstract deviceInformation

  • Specifies the device information to be used.

    The DeviceInformation is required only if you require support for encrypted out-of-band payloads or push notifications. If a DeviceInformation was already provided in an existing registration, the provided value will be ignored.

    Parameters

    Returns Registration

    a Registration object.

Abstract authorizationProvider

Abstract allowClass2AndroidSensors

  • Specifies whether Class 2 (formerly weak) biometric sensors are allowed if the biometric authenticator is selected.

    IMPORTANT
    This method is Android specific and will be ignored on iOS platform.

    By default, the SDK will only allow to use Class 3 (formerly strong) sensors. Using Class 2 sensors is less secure and discouraged. When a Class 2 sensor is used, the FIDO UAF keys are not protected by the operating system by requiring user authentication.

    If the SDK detects that only Class 3 (strong) biometric sensors are available in the mobile device, even if Class 2 sensors are allowed, the FIDO UAF credentials will be protected by the operating system by requiring user authentication.

    However, in some cases it may be acceptable for the sake of end-user convenience. Allowing Class 2 sensors will enable for instance the use of face recognition in some Samsung devices.

    Parameters

    • allowClass2AndroidSensors: boolean

      specifies whether Class 2 biometric sensors are allowed if the biometric authenticator is selected.

    Returns Registration

    a Registration object.

Abstract allowDevicePasscodeAsFallback

  • Specifies whether the OS device passcode can be used as fallback during biometric authentication.

    If not specified, the device passcode cannot be used as fallback.

    Parameters

    • allowDevicePasscodeAsFallback: boolean

      indicates whether the device passcode can be used as fallback.

    Returns Registration

    a Registration object.

Abstract invalidateOnNewOsBiometrics

  • Specifies whether the authenticator must be invalidated if the user adds new biometric credentials in the OS settings. If the authenticator has been invalidated, and you try to authenticate with it, an error with code FidoErrorCodeType.KeyDisappearedPermanently will be returned by the authentication operation.

    This setting only applies to biometric Aaid.BIOMETRIC and fingerprint Aaid.FINGERPRINT authenticators. By setting this parameter to true, you increase the security but there is a loss of convenience: adding a new OS biometric credential does not imply necessarily that there is a security risk, but if the end-user does it, a new registration will be required, because an invalidated authenticator cannot be recovered.

    If not specified, the authenticator will be invalidated when the user adds a new biometric credential in the OS settings.

    Parameters

    • invalidateOnNewOsBiometrics: boolean

      indicates whether an addition of biometric credentials in the OS should invalidate this authenticator.

    Returns Registration

    a Registration object.

Abstract authenticatorSelector

Abstract pinEnroller

Abstract passwordEnroller

Abstract biometricUserVerifier

Abstract devicePasscodeUserVerifier

Abstract fingerprintUserVerifier

Abstract onSuccess

  • Specifies the object that will be invoked if the registration completed successfully.

    IMPORTANT
    Providing the onSuccess is required.

    Parameters

    • onSuccess: (() => void)

      the callback which is invoked on successful registration.

        • (): void

        • Returns void

    Returns Registration

    a Registration object.

Abstract onError

  • Specifies the object that will be invoked if the registration failed.

    IMPORTANT
    Providing the onError is required.

    Parameters

    Returns Registration

    a Registration object.

Settings

Member Visibility

Theme

On This Page

Generated using TypeDoc