Skip to content

Login QR⚓︎

The nextAuth login QR code contains less data than the nextAuth enrol QR code. But aside from that, scanning the login QR code and starting a session uses the same process as that described in the First Account section. The Mobile SDK differentiates between the two types of QR codes and tells the app how to proceed by means of callbacks. The expected callbacks are therefore different and are described below.

Tip

Avoid displaying both an enrol QR code and a login QR code on the same page; the camera might inadvertently detect and scan the other QR code instead of the one intended by the user.

Info

If you start a flow based on a login QR code for a server on which the user has no account in the app yet, you will get back a NextAuthError NO_ACCOUNTS_FOR_SERVER.

Handle Callbacks⚓︎

The expected sequence of FlowUpdate callbacks (for a given Flow with Type=LOGIN) to be handled is as follows:

  1. PROCESSING as its State -- the flow has started, but does not expect any input (yet). See here for more information.
  2. WAIT_FOR_INPUT as its State. The CurrentUserInteraction.Type is CONFIRM -- asking the user to confirm their login. See here for more information.
  3. PROCESSING as its State -- the nextAuth Mobile SDK is processing the user’s input.
  4. WAIT_FOR_INPUT as its State. The CurrentUserInteraction.Type is VERIFY_SECOND_FACTOR -- asking the user to enter their second factor for verification. See here for more information.
  5. PROCESSING as its State -- the nextAuth Mobile SDK is verifying the user's second factor and logging the user in.
  6. DONE as its State -- the flow successfully finished, the user is logged in.

Info

If automaticallySelectSingleAccountWhenSecondFactorNeeded is set to true in the SDK Configuration, the FlowUpdate callback for a flow with CurrentUserInteraction.Type = CONFIRM will only be sent out if the user either:

  • needs to select one account to log in with (i.e. the app has multiple accounts to choose from at the server for which the login QR code was generated), or
  • needs to confirm their intent (i.e. when the user does not need to input a second factor and therefore cannot confirm their intent by that means).

Info

The FlowUpdate callback(s) for a flow with CurrentUserInteraction.Type = VERIFY_SECOND_FACTOR are conditional on the server (for which the login QR code was generated) being configured to only require the second factor once every pinTimeout.

Furthermore, even if a second factor was previously entered by the user in the specified pinTimeout, one can specify that a second factor is required when generating the login QR code at the server.

Finally, if AppLogin functionality is used, the nextAuth mobile SDK resets the pinTimeout after the session associated with the AppLogin is no longer logged in.