Authenticate with password

This page covers how to set up your ReachFive project to allow users to authenticate with either a phone number, email, or custom identifier. Authenticating with a password is a well-known authentication approach and is available for your users with ReachFive. This can be accomplished using our SDK or via our Identity API.

Use Postman?

If using Postman, we have provided you with a simple Postman collection to test out the API calls.

Authentication flow overview

This flow shows the overall flow for a user authenticating with a password. The steps in the following section take a closer look at each operation in the flow.

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#00c24a', 'fontSize': '20px', 'noteBkgColor': '#c1c1c1', 'edgeLabelBackground':'#eee', 'tertiaryColor': '#e1e1e1'}}}%%
sequenceDiagram
autonumber
    User->>App: Request login
    Note over App,R5: loginWithPassword
    R5->>App: If success, receive tkn
    App->>R5: tkn for authorization_code
    Note over App,R5: oauth/authorize
    R5->>App: receive authorization_code
    App->>R5: authorization_code for access token
    Note over App,R5: oauth/token
    R5->>App: Provide access_token
    App->>User: Successful login
    Note over App,User: Redirects to redirect_uri

Authentication steps

The steps here provide a general implementation overview for the Identity API, and provide the Core SDK and UI SDK associated methods.

User provides credentials to log in. A temporary tkn is sent back in response.
Calls
- Core SDK: loginWithPassword
  
  If using the Core SDK loginWithPassword method approach, the method initiates a series of calls to our Identity API including generating the PKCE code_verifier, code_challenge, and provides the code_challenge_method if using the PKCE flow.
- UI SDK: showAuth
  
  The UI SDK showAuth method is used to display the login with password options.
- Identity API: loginWithPassword

You (the brand) exchange the temporary tkn to get the authorization_code.

Calls

Identity API: authorizeUser

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#00c24a', 'fontSize': '20px', 'noteBkgColor': '#c1c1c1', 'edgeLabelBackground':'#eee', 'tertiaryColor': '#e1e1e1'}}}%%
sequenceDiagram
    App->>R5: tkn for authorization_code
    Note over App,R5: oauth/authorize
    R5->>App: receive authorization_code

You then exchange the authorization_code to get an Access Token, ID Token, and/or a Refresh Token.
Calls
- Identity API: retrieveAccessToken