Login QR⚓︎
The nextAuth login QR codes contain less data then the nextAuth enrol QR codes. But other then that, scanning the QR code and starting a session are identical to the ones described in setting up your first account. The Mobile SDK differentiates between the two types of QR codes and tells the app how to proceed through callbacks. The expected callbacks are therefore be different, and are described below.
Tip
Avoid displaying an enrol QR and login QR code on the same page, as the camera might scan the other QR code and not the one intended by the user.
Info
If you scan a login QR code for a server on which the user has no account in the app yet, you will get back a UserErrorMessage with code 34 - No Accounts Found for Server
.
Handle Callbacks⚓︎
The expected sequence of callbacks/notifications to be handled is as follows:
ConfirmLogin
-- asking the user to confirm logging in. See here for more information.SecondFactor
withVERIFY
as its context -- asking the user to enter their second factor for verification. See here for more information.SecondFactor
withSUCCESS
as its result -- acknowledging that the second factor has been verified.SessionLogin
-- acknowledging that the user is now logged in.
willConfirmLoginFor
-- asking the user to confirm logging in. See here for more information.didStartSecondFactorWith
withVERIFY
as its context -- asking the user to enter their second factor for verification. See here for more information.didUpdateSecondFactorWith
withSUCCESS
as its result -- acknowledging that the second factor has been verified.sessionUpdate
-- acknowledging that the user is now logged in.
Info
If automaticallySelectSingleAccountWhenSecondFactorNeeded
is set to true
in the SDK Configuration, the ConfirmLogin
callback will only be shown if the user either:
- needs to select one account to login in with (i.e., the app has multiple accounts at this server, for which the login QR code was generated, to choose from), or
- needs to confirm their intent (i.e., when the user does not need to input a second factor and hence cannot confirm their intent there).
Info
The SecondFactor
callbacks are conditional on the server (for which the login QR code was generated) being configured to:
- require a second factor, and
- only require the second factor once every
pinTimeout
.
Furthermore, even if a second factor was previously entered by the user in the specified pinTimeout
, a more specific pinTimeout
can be requested from the server SDK for generating the login QR code.