Authentication methods
Integrators have two options when creating a user account. This method will be used in the future to authenticate the user when making transactions.| Auth Method | Description |
|---|---|
| OTP via email | This method is easier to implement, but is a little less secure, since it relies on access to the end user’s email account. |
| Passkey | This method is more cryptographically secure, since it directly links the end user’s device to authentication, but is a bit more technically challenging to implement. |
OTP via email
Method setup: User does not need to do anything to set up this method. Making transactions:- Prepare the transaction: The user calls the
/query/get-[action]endpoint to receive an OTP via email. - Authenticate with OTP: The user will receive an OTP code via email and needs to enter it in the user interface.
- Complete the transaction: The user calls the
/submit/[action]endpoint to sign and execute the transaction with the OTP code.
Passkey authentication
Method setup: By choosing this method, the user will be prompted to add their passkey to their device, either through the browser’s built-in passkey management, through a third-party passkey manager, or through their mobile device’s passkey management. This passkey will be used to authenticate the user when making transactions. A same user can have multiple passkeys, and can use different passkeys for different purposes. Making transactions:- Prepare the transaction: The user calls the
/query/get-[action]endpoint to receive the passkey authentication options. - Authenticate with passkey: The user will be prompted to authenticate with their device’s passkey previously added (finger print, face recognition, etc.).
- Complete the transaction: The user calls the
/submit/[action]endpoint to sign and execute the transaction with the passkey.