startStepUp

About this command

Initiates the step up process needed for the MFA flow and starts the passwordless flow by sending an email or SMS to the user with a single-use auth code or access token (depending on the response type).

You can initiate the step up with an authToken or with with the tkn received from loginWithPassword.

The Passwordless feature must be enabled on your ReachFive Console account. The SMS feature must be enabled on your ReachFive Console account if the profile can choose a phone number to login.

Examples

  • startStepUpFlow: authToken

  • startStepUpFlow: login

import com.reach5.identity.sdk.core.models.AuthToken
import com.reach5.identity.sdk.core.models.Profile

client.startStepUp(
    startStepUpFlow = startStepUpAuthTokenFlow,
    authType = "sms",
    redirectUri = "reachfive-${clientId}://callback",
    scope = setOf("openid", "profile", "phone"),
    success = { _ -> ... }, // Do something
    failure = { error -> ... }, // Handle a ReachFive error
    origin = "https://dev-sandbox-268508.web.app",
)
import com.reach5.identity.sdk.core.models.AuthToken
import com.reach5.identity.sdk.core.models.Profile

client.startStepUp(
    startStepUpFlow = startStepUpLoginFlow,
    authType = "sms",
    redirectUri = "reachfive-${clientId}://callback",
    scope = setOf("openid", "profile", "phone"),
    success = { _ -> ... }, // Do something
    failure = { error -> ... }, // Handle a ReachFive error
    origin = "https://dev-sandbox-268508.web.app",
)

Parameters

authToken AuthToken

Authorization token of the profile retrieved from login.

idToken string

The ID token JSON Web Token (JWT) that contains the profile’s information.

accessToken string

The authorization credential JSON Web Token (JWT) used to access the ReachFive API.

amr string[]

Authentication Methods Reference. It indicates the method(s) used during the authentication process

refreshToken string

The refresh token JSON Web Token (JWT) used to obtain new access tokens once they expire.

stepUpToken string

The step up token used to continue the step up flow and validate the user for authentication purposes.

This only applies for MFA flows.

tokenType string

The type of token. Always equal to Bearer.

expiresIn number

The lifetime in seconds of the access token.

If expiresIn is less than or equal to 0, the AuthToken is expired.

user OpenIdUser

The user’s information contained in the ID token.

startStepUpFlow

Starts the step up flow with either an authToken which contains activity or with the stepUpToken received from loginWithPassword.

  • startStepUpAuthTokenFlow

  • startStepUpLoginFlow

Initiates the step up flow with the authToken.

StartStepUpAuthTokenFlow(authToken: AuthToken, activity: Activity)

Initiates the step up flow with the stepUpToken from the loginWithPassword method.

StartStepUpLoginFlow(stepUpToken: String)

authType string

The type of passwordless authentication.

Allowed values:

  • email

  • sms

failure function

Callback called once the request has failed. You’ll get a ReachFiveError as an argument.

origin string

Free text parameter describing the source of the login (only for reporting purposes).

redirectUri string

The URL where the user will be redirected after the passwordless success. Default value is reachfive-${clientId}://callback.

scope string[]

List of space-delimited, case-sensitive strings representing the requested scope.

Default scopes are the allowed scopes set up in the client’s configuration.

success function

Callback called once the request has succeeded.

Response

challengeId string

The code challenge ID to verify the user.

Error response

Type: Unit

ReachFiveError

message string

The message of the error.

getErrorCode() ErrorCode

The error code’s enumeration value.

code string

The HTTP status code or SDK error code.

exception string

The stack trace of the error.

data ReachFiveApiError

Additional data about the error.

error string

The main error message.

errorId string

The identifier of the error.

errorUserMsg string

The user-friendly error message.

This property is translated according to the user’s browser settings. Currently supported languages:
Currently supported languages
  • ar - العربية Arabic

  • de - Deutsch German

  • en - English

  • es - Español Spanish

  • fr - Français French

  • hu - Magyar Hungarian

  • it - Italiano Italian

  • jp - 日本 Japanese

  • ko - 한국인 Korean

  • nl - Nederlands Dutch

  • pt - Portuguese

  • ru - Ру́сский Russian

  • sk - Slovenský Slovak

  • zh-CN - People’s Republic of China Simplified Chinese

  • zh-Hans - Simplified Chinese

  • zh-Hant - Traditional Chinese

  • zh-HK - Hong Kong Traditional Chinese

  • zh-MO - Macao Traditional Chinese

  • zh-SG - Singapore Simplified Chinese

  • zh-TW - Taiwan Traditional Chinese

errorMessageKey string

The technical error code.

errorDescription string

The technical error message.

errorDetails ReachFiveApiErrorDetails

  • field - The field concerned by the error.

  • message - The message error returned for the field.