How you can send a Push Auth Request
Using the Dashboard
You can use the dashboard to send a push request with out writing any code or using the API. Simply go to the users section in your project and select the user you want to send a push auth request to. Ideally, you have already added your self to your project. If not, it is recommended you do so. This way you can send a push auth request to your self and see how the system would work for your users. Once you have the user selected, you will see a "Send Push Auth" button. Click this button and you will see a form to enter.
- Action Name - This is the action name that will appear in the push request and in the notification.
- Short Message - This is a short description of the push auth request for the user to see. This will also appear in the notification and push auth screen.
- Timeout - this is the timeout value, in seconds, for the request.
Fill in these fields and hit send. The user you have requested will get a request on his/her device(s) that have been enrolled with Auth Armor and your project. Upon approving (or declining) the request, you will be alerted of the result on the dashboard. You can then view detailed results of the auth request and response (if approved). The response information will contain the device that was used and the cryptographic information needed to validate the signature in the response.
Using the API
You can also use the API to send a push auth request. This method is much more flexible than the dashboard and allows full control of the auth process.
You can read more detail about sending an auth request using the api in this article - How to send a push auth request using the API
Auth Armor supports multiple auth methods. and use types. Current supported methods are:
- Mobile Device
- Biometric (FaceID and fingerprint/TouchID)
- Security Key
Mobile Device means that the authentication was performed by the mobile device. Auth Armor supports two main methods when using Mobile Device:
Biometric means either Face ID or fingerprint at this time. Face ID is used for iOS and fingerprint is used for Android. Future Android devices may support Facial Recognition as well.
Pin is an option for devices that do not have biometric capability.
You can specify rules using the API. For Mobile Device, there is only one rule supported right now, and that is to force biometric and not allow pin. Please note: on iOS, pin fallback is still allowed using the built-in app pin ability for iOS, When this is used, Auth Armor does not
Security Keys are a new technology that allows for great security. The Auth Armor app has built in support for security keys. Users can authenticate using a security key if they so choose. You can force a security key by setting the SecurityKey to the only accepted Auth Method. Or you can choose to not accept security keys by sending MobileDevice as the only accepted Auth Method. This is not recommended, as security keys are a great way to use Auth Armor.