Skip to main content

Reply to push notification

This topic explains how to set up the reply to the push notification. Complete this step if you are using the Identity Platform MFA methods push-to-accept, symbol-to-accept, or biometric. If you are using only TOTP, see "Generate offline TOTP" for steps.

At this point in the workflow, the end user has received a push notification and must send an accept or deny reply.

  1. In the userNotificationCenterDelegate method, userNotificationCenter(_:didReceive:withCompletionHandler:), create a SecureAuthNotification object by passing the response’s userInfo dictionary.

    var notification = SecureAuthFramework.SecureAuthNotification(with:
response.notification.request.content.userInfo) 
notification.date =
response.notification.date

  2. Create a LoginViewModel object which is used to send the response for the push notification.

    // Pass the notification
object created above and the secureAuth object from above
let model = LoginViewModel(notification, secureAuth: secureAuth)

  3. Depending on the category of the notification (PAN, SPAN, BPAN), present the appropriate UI for the notification.

    1. For notification category PAN (Push Accept Notification), display Accept/Deny buttons for the user to send the appropriate response. Call model.sendLoginResponse(LoginStatus.ACCEPTED/LoginStatus.DENIED, category: SecureAuthNotification.Category.PAN) to send an ACCEPT or DENY response back to the server.

    2. For notification category SPAN (Symbol Push Accept Notification), display the symbols given by notification.pushSymbols. The user must tap the correct symbol to send an ACCEPT response; if the user taps the wrong symbols, a DENY response is sent.

    3. For notification category BPAN (Biometric Push Accept Notification), check if biometric authentication can proceed and if so, present the biometric authentication prompt to the user.

      let context = LAContext()
        var error: NSError?
        context.localizedFallbackTitle = ""
        if context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) {
            var reason = NSLocalizedString("Default authentication reason", comment: "Default authentication reason")
            var deniedMsgKey = ""
            if #available(iOS 11.0, *) {
                switch context.biometryType {
                case .faceID:
                    reason = NSLocalizedString("Face ID authentication reason", comment: "Face ID authentication reason")
                    deniedMsgKey = "Face ID login denied message"
                case .touchID:
                    reason = NSLocalizedString("Touch ID authentication reason", comment: "Touch ID authentication reason")
                    deniedMsgKey = "Touch ID login denied message"
                default:
                    return
                }
            }
            
            context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: reason) { success, error in
                if success {
                    // Send accepted response
                } else {
                    // Authentication failed, send denied response
                }
            }
        } else {
            // Could not evaluate biometric policy, present appropriate error
        }

Next steps

Generate offline TOTP

In this section: