Common objects

  • The object representing a user account. An Account is created when a FIDO UAF registration is completed successfully.

    Declaration

    Swift

    public protocol Account : Encodable, Hashable
  • The object defining a server. Each Account is defined in a given Server object.

    Important

    The SDK does not support having identities with the same Username defined in different servers.

    See

    server

    Declaration

    Swift

    public protocol Server : Encodable, Hashable
  • Collects the Authentication Attestation IDs of all supported Authenticators.

    Declaration

    Swift

    public enum AuthenticatorAaid : String, CaseIterable

Username

  • The username which represents an Account

    Declaration

    Swift

    public typealias Username = String
  • An object describing an authenticator.

    Declaration

    Swift

    public protocol Authenticator : Encodable, Equatable
  • An object containing information about the registrations of an authenticator.

    Declaration

    Swift

    public protocol RegistrationInfo : Encodable
  • The object containing the user enrollment information. Depending on the nature of the authenticator, this object will be either an OsUserEnrollment or an SdkUserEnrollment.

    Declaration

    Swift

    public protocol UserEnrollment : Encodable, Equatable
  • The object containing the user enrollment information for an authenticator whose credentials are managed by the operating system (like Face ID). In this case, there is no notion of Account: either the authenticator is enrolled at the operating system level (for all users) or not.

    Declaration

    Swift

    public struct OsUserEnrollment : UserEnrollment
  • The object containing the user enrollment information for an authenticator whose credentials are managed by the SDK (like the PIN authenticator).

    Declaration

    Swift

    public struct SdkUserEnrollment : UserEnrollment, Hashable
  • Provides the authorization elements required to perform operations on protected resources.

    Within NEVIS Mobile Authentication, nevisAuth is also involved if authentication is required to initiate a FIDO operation. When registering with FIDO UAF credentials, the HTTPClient must authenticate to obtain some authorization tokens (HTTP cookies, JWT, etc.). The client can then access the protected resource (for example, the FIDO UAF registration endpoints) by providing these authorization elements. This prevents an attacker from initiating and successfully completing operations (like registrations) on behalf of an arbitrary user.

    Some operations can also generate an AuthorizationProvider that the application can use to access protected resources. This is typically the case with authentication: once the authentication is completed, some authorization tokens might have been granted.

    Declaration

    Swift

    public protocol AuthorizationProvider : Decodable, Encodable
  • An HTTP cookie based AuthorizationProvider.

    Declaration

    Swift

    public struct CookieAuthorizationProvider : AuthorizationProvider
  • Declaration

    Swift

    public struct JwtAuthorizationProvider : AuthorizationProvider
  • A JWS AuthorizationProvider.

    Important

    This provider is only used to mark the Deregistration operation to use the new deviceResourcePath endpoint. Only the Deregistration operation accepts this provider.

    Declaration

    Swift

    public struct JwsAuthorizationProvider : AuthorizationProvider
  • Provides the elements required to run an operation in a session.

    When authenticating with FIDO UAF credentials, the HTTPClient must provide some authorization tokens (HTTP cookies, JWT, etc.). These authorization elements might already be available from a previous authentication. In these cases, FIDO UAF is not used as first-factor authentication, and SessionProvider is used to provide the needed authorization elements to HttpClient for a FIDO UAF authentication.

    The client can access the protected resource (for example, the FIDO UAF registration endpoints) by providing these authorization elements. This prevents an attacker from initiating and successfully completing operations on behalf of an arbitrary user.

    SessionProvider provides this functionality.

    Declaration

    Swift

    public protocol SessionProvider : Decodable, Encodable
  • Declaration

    Swift

    public struct JwtSessionProvider : SessionProvider
  • An HTTP cookie based SessionProvider.

    Declaration

    Swift

    public struct CookieSessionProvider : SessionProvider
  • The object defining a non-redeemed out-of-band operation as defined in the Get Device Out-of-Band Operations service.

    Declaration

    Swift

    public struct PendingOutOfBandOperation : Codable, Equatable
    extension PendingOutOfBandOperation: Comparable
  • The object with the non-redeemed out-of-band operations returned by nevisFIDO in the Get Device Out-of-Band Operations service.

    If the pending operations could be retrieved from one server but retrieval failed for another server, the found operations are returned by the operations method and the error is returned by the errors method.

    Declaration

    Swift

    public struct PendingOutOfBandOperationsResult : Encodable
  • This object describes the contents that are sent by nevisFIDO in the out-of-band use case to start an operation (registration, authentication or deregistration).

    This object can be obtained from its JSON representation, which is included in a push notification message, in a QR code or in a universal link, depending on the out-of-band mechanism used.

    The following example shows how you would obtain the OutOfBandPayload based on a JWE (JSON Web Encryption) payload received via Push Notification from the NEVIS Mobile Authentication backend.

    Usage example:

    
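    func userNotificationCenter(_: UNUserNotificationCenter, didReceive response: UNNotificationResponse, withCompletionHandler completionHandler: @escaping () -> ()) {
        // The system requires the completion handler to be called once the response has been handled.
        defer { completionHandler() }

        let pushNotificationHash = response.notification.request.content.userInfo
        // Convert `pushNotificationHash` to JSON string
        guard JSONSerialization.isValidJSONObject(pushNotificationHash),
              let jsonData = try? JSONSerialization.data(withJSONObject: pushNotificationHash),
              let jsonPayload = String(data: jsonData, encoding: .utf8) else {
            return
        }

        // `client` and `oobOperation` are assumed to be defined elsewhere in the application.
        client.operations.outOfBandPayloadDecode
            .json(jsonPayload)
            .onSuccess(oobOperation)
            .onError { error in
                ...
            }
            .execute()
    }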
    
    Declaration

    Swift

    public struct OutOfBandPayload : Codable, Equatable
  • A RedeemData instance contains information to be redeemed in order to trigger FIDO UAF operations.

    The information is extracted from different channels like QR-Code, Push Notification, etc.

    Declaration

    Swift

    public struct RedeemData : Codable, Equatable
  • The different dispatch channels (dispatchers in nevisFIDO terminology) that can be used to transmit the out-of-band operation: the out-of-band operation reaches the application either through a QR code, an FCM push notification or a link.

    See

    See the nevisFIDO Dispatchers for Mobile Authentication section for details.

    Declaration

    Swift

    public enum DispatchChannel : String, Codable, CaseIterable
  • Some of the operations of the SDK allow retrying the operation (or part of the operation). This object defines the different types of retry mode that can be used.

    Declaration

    Swift

    public enum RetryPolicy : Equatable, Decodable