I would like to have my users login once at Sphinx and then have them authenticated via the Authmanager/Biometrics capabilities of the mobile device they use.
The idea is to store something (not sure what) after the initial successful biometric login within the application in order to pass this data to the Sphinx server in the future, so that the users can simply login via their biometric profile.
Is this somehow possible?
After users login to Sphinx, your client application receives an access token which will be used to further connections - to your API for example.
What you can do is save that token in some protected mobile storage, and ask the user for the biometrics auth to access the token and use it.
Thanks for the fast answer. So also the user login populates the AccessToken property? This is only mentioned in the docs in case that RequestToken is used (Server to Server part of the docs).
If also the Login Method (described "Authenticating from native applications" in the docs) populates the RequestToken property that will be the solution.
Thanks a lot again..
Yes. Indeed, when reading again the documentation, it's not explicitly said. It's implicit in the very last paragraph:
If the user is logged in, you can check the TSphinxLogin.AuthResult property to retrieve detailed information about the logged user, like e-mail, name, among other information.
The TAuthResult object has, among other information, the AccessToken property which contains the token to access the application API itself.
But it can be seen in practice in the Sphinx demo, the demo shows the login process and then the use of AccessToken returned in login to properly do authorized requests to the API.
Great, thanks a lot again for clarification.
1 Like
The demo is great, I should of ocurse have looked at them before asking ;-)
Thanks for your effort, I owe you a beer (or so).
1 Like