⚙️Integration Flows
Learn how the Keyless components interact with your app.
Introduction
Learn how the Keyless SDK components can be integrated into a mobile application and backend server, to enable biometric authentication.
Integration Overview
Enrollment Flow
To authenticate with Keyless, a user must first enroll their biometric template. Enrollment with Keyless consists of registering the user’s biometric features in a privacy-preserving manner using the various enrollment methods from the Keyless SDK.
Authentication Flow
The most common authentications scenarios for the Keyless SDK are:
access to a web application
access on a mobile application
Authentication in a web application
In this scenario the user is trying access to a resource in a web application for which strong authentication is required. The web application backend sends a push notification to the customer app to request that the user identify themselves with Keyless. After biometric authentication is successful, the flow returns to the web application backend, which leverages the APIs exposed by the Keyless backend to perform additional security checks.
Once the Keyless backend confirms that the authentication was successful, the user is allowed access to the resource.
Authentication on a mobile app
In this scenario the user is trying access to a resource directly in the mobile application for which strong authentication is required. The mobile application sends a push notification to the customer app to request that the user identify themselves with Keyless. After biometric authentication is successful, the flow returns to the mobile application backend, which leverages the APIs exposed by the Keyless backend to perform additional security checks.
Once the Keyless backend confirms that the authentication was successful, the user is allowed access to the resource.
Keyless Components
As mentioned, Keyless is composed of two main blocks:
Keyless SDK
Keyless backend / Confirmation API Service
Keyless SDK
The Keyless SDK supports both Android and iOS, and exposes API methods to interact with the Keyless Privacy-Preserving Network to perform the following actions:
Enroll a user
Authenticate
De-Enroll
Restore backup
Keyless backend
The Keyless SaaS backend offers APIs which can be used to perform security checks through Backend-to-Backend calls. Specifically, it is possible to interrogate the Keyless Backend after the SDK returns an OK response for an Authentication attempt.
Last updated