mfaStart(WithStepUp)

AppDelegate.reachfive().mfaStart(
    stepUp: StartStepUp.<AuthTokenFlow | LoginFlow> (1)
)
1 Depending on your requirements, this will either be AuthTokenFlow or LoginFlow.

About this command

Starts the step-up process for the MFA flow. This method handles two cases:

  • AuthTokenFlow: for the traditional step-up flow which requires an auth token.

  • LoginFlow: for initiating the step-up flow using loginWithPassword.

The presence of an active session cookie is required. It is automatically retrieved by the function.

Examples

  • AuthTokenFlow

  • LoginFlow

import Reach5

let scope = ["openid", "email", "profile", "phone", "full_write", "offline_access"]

do {
    let response = try await AppDelegate.reachfive().mfaStart(
        stepUp: .AuthTokenFlow(
            authType: "email",
            authToken: profileAuthToken,
            scope: scope
        )
    )
    // Do something
} catch {
    // Return a ReachFive error
}
import Reach5

let scope = ["openid", "email", "profile", "phone", "full_write", "offline_access"]

do {
    let response = try await AppDelegate.reachfive().mfaStart(
        stepUp: .LoginFlow(
            authType: "email",
            stepUpToken: "stepUpToken123",
            redirectUri: "https://example.com/callback",
            origin: "ios-app"
        )
    )
    // Do something
} catch {
    // Return a ReachFive error
}

Parameters

stepUp

Contains the necessary fields to begin the step up process.

  • AuthTokenFlow

  • LoginFlow

  • authType: The authorization type. This is email or sms. required

  • authToken: The authorization token. required

  • scope: The defined scope such as openid, email, or phone_number.

  • redirectUri: The URL to which the user is redirected. This URL must be whitelisted in the Allowed Callback URLs field of your ReachFive client settings.

  • origin: The domain of the origin. It must be a valid URL.

  • action: A string describing the action for the MFA flow. You can value this with whatever you like. It should match the value you describe in your MFA templates.

    We recommend using meaningful values like login or transaction to help better align with MFA email and SMS templates.

  • trustDevice: Boolean indicating if the device should be trusted or not.

  • true = trust the device

  • false = do not trust the device

    This option only applies during registration when the second factor is already verified and the user doesn’t need to enter a verification code to complete enrollment.

AppDelegate.reachfive()
    .mfaStart(stepUp: StartStepUp.AuthTokenFlow(
        authType: "email",
        scope: scope,
        redirectUri: "https://example.com/callback",
        authToken: profileAuthToken,
        origin: "ios-app",
        action: "signup"
    ))

  • authType: The authorization type. This is email or sms. required

  • stepUpToken: A new token generated during the login process. required

  • redirectUri: The URL to which the user is redirected. This URL must be whitelisted in the Allowed Callback URLs field of your ReachFive client settings.

  • origin: The domain of the origin. It must be a valid URL.

AppDelegate.reachfive()
    .mfaStart(stepUp: StartStepUp.LoginFlow(
        authType: "email",
        stepUpToken: "stepUpToken123",
        redirectUri: "https://example.com/callback",
        origin: "ios-app"
    ))

Response

Error response

ReachFiveError

Based on the problem, the ReachFiveError will be:

  • AuthCanceled: The user cancelled the request or no credential was available in the keychain.

  • RequestError(apiError: ApiError) for a Bad Request (status 400) error.

  • AuthFailure(reason: String, apiError: ApiError?) mainly for Unauthorized (status 401) error.

  • TechnicalError(reason: String, apiError: ApiError?) if it’s an Internal Server Error (status 500) or other internal errors.

ApiError

error string

The main error message.

errorId string

The identifier of the error.

errorUserMsg string

The user-friendly error message.

This property is translated according to the user’s OS and app settings. Currently supported languages:
Currently supported languages

  • ar - العربية Arabic

  • de - Deutsch German

  • en - English

  • es - Español Spanish

  • fr - Français French

  • hu - Magyar Hungarian

  • it - Italiano Italian

  • jp - 日本 Japanese

  • ko - 한국인 Korean

  • nl - Nederlands Dutch

  • pt - Portuguese

  • ru - Ру́сский Russian

  • sk - Slovenský Slovak

  • zh-CN - People’s Republic of China Simplified Chinese

  • zh-Hans - Simplified Chinese

  • zh-Hant - Traditional Chinese

  • zh-HK - Hong Kong Traditional Chinese

  • zh-MO - Macao Traditional Chinese

  • zh-SG - Singapore Simplified Chinese

  • zh-TW - Taiwan Traditional Chinese

errorMessageKey string

The error message key.

errorDescription string

The technical error message.

errorDetails FieldError[]

field string

The field concerned by the error.

message string

The message error returned for the field.

code string

The code error returned for the field.