Reply to push notification
This topic explains how to set up the reply to the push notification. Complete this step if you are using the Identity Platform MFA methods push-to-accept, symbol-to-accept, or biometric. If you are using only TOTP, see "Generate offline TOTP" for steps.
At this point in the workflow, the end user has received a push notification and must send an accept or deny reply.
In the
userNotificationCenterDelegate
method, userNotificationCenter(_:didReceive:withCompletionHandler:), create aSecureAuthNotification
object by passing the response’suserInfo
dictionary.var notification = SecureAuthFramework.SecureAuthNotification(with: response.notification.request.content.userInfo) notification.date = response.notification.date
Create a
LoginViewModel
object which is used to send the response for the push notification.// Pass the notification object created above and the secureAuth object from above let model = LoginViewModel(notification, secureAuth: secureAuth)
Depending on the category of the notification (
PAN
,SPAN
,BPAN
), present the appropriate UI for the notification.For notification category
PAN
(Push Accept Notification), display Accept/Deny buttons for the user to send the appropriate response. Callmodel.sendLoginResponse(LoginStatus.ACCEPTED/LoginStatus.DENIED
, category:SecureAuthNotification.Category.PAN)
to send an ACCEPT or DENY response back to the server.For notification category SPAN (Symbol Push Accept Notification), display the symbols given by
notification.pushSymbols
. The user must tap the correct symbol to send an ACCEPT response; if the user taps the wrong symbols, a DENY response is sent.For notification category BPAN (Biometric Push Accept Notification), check if biometric authentication can proceed and if so, present the biometric authentication prompt to the user.
let context = LAContext() var error: NSError? context.localizedFallbackTitle = "" if context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) { var reason = NSLocalizedString("Default authentication reason", comment: "Default authentication reason") var deniedMsgKey = "" if #available(iOS 11.0, *) { switch context.biometryType { case .faceID: reason = NSLocalizedString("Face ID authentication reason", comment: "Face ID authentication reason") deniedMsgKey = "Face ID login denied message" case .touchID: reason = NSLocalizedString("Touch ID authentication reason", comment: "Touch ID authentication reason") deniedMsgKey = "Touch ID login denied message" default: return } } context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: reason) { success, error in if success { // Send accepted response } else { // Authentication failed, send denied response } } } else { // Could not evaluate biometric policy, present appropriate error }
Next steps
Generate offline TOTP