Login QR

The nextAuth login QR codes contain less data than the nextAuth enrol QR codes. Other than that, scanning the QR code and starting a session are identical to the steps described in setting up your first account. The Mobile SDK differentiates between the two types of QR codes and tells the app how to proceed through callbacks. The expected callbacks therefore differ, and are described below.

Tip

Avoid displaying an enrol QR and login QR code on the same page, as the camera might scan the other QR code and not the one intended by the user.

Info

If you start a flow based on a login QR code for a server on which the user has no account in the app yet, you will get back a NextAuthError NO_ACCOUNTS_FOR_SERVER.

Handle Callbacks

The expected sequence of FlowUpdate callbacks (for a given Flow with Type=LOGIN) to be handled is as follows:

  1. PROCESSING as its State -- the flow has started, but does not expect any input (yet). See here for more information.
  2. WAIT_FOR_INPUT as its State. The CurrentUserInteraction.Type is CONFIRM -- asking the user to confirm their login. See here for more information.
  3. PROCESSING as its State -- the nextAuth Mobile SDK is processing the user's input.
  4. WAIT_FOR_INPUT as its State. The CurrentUserInteraction.Type is VERIFY_SECOND_FACTOR -- asking the user to enter their second factor for verification. See here for more information.
  5. PROCESSING as its State -- the nextAuth Mobile SDK is verifying the user's second factor and logging the user in.
  6. DONE as its State -- the flow successfully finished, the user is logged in.

Info

If automaticallySelectSingleAccountWhenSecondFactorNeeded is set to true in the SDK Configuration, the FlowUpdate callback for a flow with CurrentUserInteraction.Type = CONFIRM will only be sent out if the user either:

  • needs to select one account to log in with (i.e., the app has multiple accounts at this server, for which the login QR code was generated, to choose from), or
  • needs to confirm their intent (i.e., when the user does not need to input a second factor and hence cannot confirm their intent there).

Info

The FlowUpdate callback(s) for a flow with CurrentUserInteraction.Type = VERIFY_SECOND_FACTOR are conditional on the server (for which the login QR code was generated) being configured to only require the second factor once every pinTimeout.

Furthermore, even if a second factor was previously entered by the user in the specified pinTimeout, one can specify that a second factor is required when generating the login QR code at the server.

Finally, if AppLogin functionality is used, the nextAuth mobile SDK resets the pinTimeout after the session associated with the AppLogin is no longer logged in.
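
Because the CONFIRM and VERIFY_SECOND_FACTOR steps are conditional, a handler should react to each update rather than count steps. The following TypeScript model is an added example, not nextAuth SDK code: the `FlowUpdate` shape, the `UiAction` values and the function names are hypothetical, only the state and interaction names come from this page, and it assumes that an update arriving out of order or after DONE should be rejected.

```typescript
// Model types for this example only; the string values are the names used on this page.
type State = "PROCESSING" | "WAIT_FOR_INPUT" | "DONE";
type Interaction = "CONFIRM" | "VERIFY_SECOND_FACTOR";
type FlowUpdate = { flowType: "LOGIN" | "ENROL"; state: State; interaction?: Interaction };
// Hypothetical UI actions that an app would map to its own screens.
type UiAction = "SPINNER" | "ASK_CONFIRM" | "ASK_SECOND_FACTOR" | "LOGGED_IN" | "REJECT";

// CONFIRM precedes VERIFY_SECOND_FACTOR; either one may be absent.
const ORDER: Record<Interaction, number> = { CONFIRM: 1, VERIFY_SECOND_FACTOR: 2 };

// Returns a handler for one login flow. Assumption: an update that moves
// backwards in ORDER, or that arrives after DONE, closes the flow as rejected.
function createLoginFlowHandler(): (u: FlowUpdate) => UiAction {
  let reached = 0;    // highest interaction step seen so far
  let closed = false; // set on DONE or on the first rejected update
  const reject = (): UiAction => { closed = true; return "REJECT"; };
  return (u: FlowUpdate): UiAction => {
    if (closed || u.flowType !== "LOGIN") return reject();
    if (u.state === "PROCESSING") return "SPINNER";
    if (u.state === "DONE") {
      closed = true; // only now may the app treat the user as logged in
      return "LOGGED_IN";
    }
    // WAIT_FOR_INPUT: the interaction type decides which screen to show.
    if (u.interaction === undefined || ORDER[u.interaction] < reached) return reject();
    reached = ORDER[u.interaction];
    return u.interaction === "CONFIRM" ? "ASK_CONFIRM" : "ASK_SECOND_FACTOR";
  };
}

// Feeds a sequence of updates through a fresh handler.
function replay(updates: FlowUpdate[]): UiAction[] {
  const handle = createLoginFlowHandler();
  return updates.map((u) => handle(u));
}

// Constructed sample updates (not captured from a real SDK).
const P: FlowUpdate = { flowType: "LOGIN", state: "PROCESSING" };
const CONFIRM: FlowUpdate = { flowType: "LOGIN", state: "WAIT_FOR_INPUT", interaction: "CONFIRM" };
const SECOND: FlowUpdate = { flowType: "LOGIN", state: "WAIT_FOR_INPUT", interaction: "VERIFY_SECOND_FACTOR" };
const DONE: FlowUpdate = { flowType: "LOGIN", state: "DONE" };

const fullSequence = [P, CONFIRM, P, SECOND, P, DONE]; // steps 1-6 above
const confirmSkipped = [P, SECOND, P, DONE];           // single account selected automatically
const secondFactorSkipped = [P, CONFIRM, P, DONE];     // second factor not required this time
const outOfOrder = [P, SECOND, P, CONFIRM, P, DONE];   // CONFIRM after the second factor

console.log(replay(fullSequence).join(" > "));
```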