Skip to main content

Authentication Diagrams

Username and Password Authorization Flow

Username and Password Authorization Flow

sequenceDiagram
participant User
participant App
participant Server
User->>App: Enter username and password
App->>Server: Send username and password
Server-->>App: Send auth result
App-->>User: Display auth result

Biometrics Flow for Username and Password Initial Login

Biometrics Flow for Username and Password Initial Login

sequenceDiagram
participant User
participant Keychain
participant App
participant Server
User->>App: Enter username and password
App-->>User: Do you want to login with biometrics next time?
User->>App: Yes!
App->>Keychain: Here is the username and pw for this app, keep it safe, please
App->>Server: Send username and password
Server-->>App: Send auth result
App-->>User: Display auth result

Biometrics Flow for Username and Password Subsequent Login

Biometrics Flow for Username and Password Subsequent Login

sequenceDiagram
participant User
participant Keychain
participant App
participant Server
App->>Keychain: Is there a username and pw saved for this app?
Keychain-->>App: Yes there is!
App->>User: Can I please have your biometrics?
User-->>App: Here you go!
App->>Keychain: Here are the biometrics, can you send the username/pw to me?
Keychain-->>App: Here are the username and pw.
App->>Server: Send username and password
Server-->>App: Send auth result
App-->>User: Display auth result

VA: Health and Benefits Biometrics Initial Login

Health and Benefits Biometrics Initial Login

sequenceDiagram
participant User
participant Secure App Storage
participant App
participant SIS
participant Identity Provider
User->>App: Tap Login button
App->>SIS: Start the sign in process
SIS->>User: Which Identity Provider do you want?
User-->>SIS: This one please.
SIS-->>Identity Provider: Please authenticate this person at IAL2/AAL2/LOA3
Identity Provider->>User: Please send your username and password
User-->>Identity Provider: Here they are
Identity Provider-->>SIS: It's them, I'm sure of it
SIS-->>App: Here is a code to get your tokens
App->>SIS: Please create a token and session for me
SIS-->>App: Done and done! Here is the token
App->>User: Do you want to use biometrics to log in?
User-->>App: Yes please!
App->>Secure App Storage: Please hang on to this for us and lock it with biometrics
Secure App Storage-->>App: You got it!
App-->>User: Display Auth Result

VA: Health and Benefits Biometrics Subsequent Login

Health and Benefits Biometrics Subsequent Login

sequenceDiagram
participant User
participant Secure App Storage
participant App
participant SIS
App->>Secure App Storage: Is there a stored token?
Secure App Storage-->>App: Yes there is
App->>User: Can I please have your biometrics?
User-->>App: Here you go!
App->>Secure App Storage: Here are the biometrics, can you send the token to me?
Secure App Storage-->>App: Here it is!
App->>SIS: Can I get a refreshed token, please? Here is the old one.
SIS-->>App: Here you go, one new token.
App-->>User: Display Auth Result

In order to regenerate these graphs, add 'mermaid' to the end of the ``` at the beginning of each codeblock