Block Multiple Login

Summary

When the Block Multiple Login feature is enabled, the system checks whether a user is already logged in on another device before allowing them to complete the login process. This check is performed after IdP login is complete and before secondary authentication training.

The system sends a request to the configured endpoint with the user's device ID and user ID to determine if they are currently logged in elsewhere. Based on the response and configuration settings, the user may be blocked from logging in, or allowed to proceed based on bypass settings.

If the endpoint returns that the user is already logged in elsewhere, the system displays an alert dialog informing the user that multiple device logins are not allowed. When a network error occurs during the check, the user's options depend on the bypassOnNetworkFailure configuration setting.

User Already Logged In:

If bypassOnNetworkFailure is false: Display alert with CLOSE button only. Closing the dialog cancels login and returns to launcher with an authBlocked app event.
If bypassOnNetworkFailure is true: Display alert with CLOSE and OVERRIDE buttons. CLOSE cancels login with authBlocked event. OVERRIDE continues login with authBlockOverride event.

Network Error:

If bypassOnNetworkFailure is false: Display alert with CLOSE button only. Login is cancelled and user returns to launcher.
If bypassOnNetworkFailure is true: Display alert with CLOSE and OVERRIDE buttons. User can either cancel or override the network error to continue.

User Not Logged In:

Alert Dialog

The error alert dialog displays the following information:

Title: Login Blocked

Message: You are logged in on another device, multiple device logins are not allowed. If you feel this is in error notify Help Desk.

Configuration

The following key-value pairs can be set within the appConfig.bfAuth object of the Launcher configuration JSON file.

Key

Type

Description

enable

Boolean

Enables or disables the Block Multiple Login feature. Default is false.

checkLoginAllowUrl

String

The URL of the endpoint to check if the user is allowed to login (e.g., https://data-service.example.com/playbook/apiv1/device/check-user-login).

bypassOnNetworkFailure

Boolean

When true, allows users to override network errors during the login check. When false, network errors block login. Default is false.

Example Configuration

{
  "appConfig": {
    "bfAuth": {
      "blockMultipleLogin": {
        "enable": true,
        "checkLoginAllowUrl": "https://data-service.example.com/playbook/apiv1/device/check-user-login",
        "bypassOnNetworkFailure": false,
        ...
      }
    }
  }
}

App Events

The following app events are generated during the login blocking process:

authBlocked: Fired when login is blocked due to user already logged in elsewhere or network error (and user chooses CLOSE). Event details include { userId: 'xxxx' }.
authBlockOverride: Fired when user chooses to override a network error and continue with login. Event details include { userId: 'xxxx' }.

PreviousAlternate Secondary Authentication NextTechnical Guide

Last updated 6 days ago

hashtagSummary

hashtagLogin Blocking Scenarios

hashtagAlert Dialog

hashtagConfiguration

hashtagExample Configuration

hashtagApp Events

Summary

Login Blocking Scenarios

Alert Dialog

Configuration

Example Configuration

App Events