Alternate Secondary Authentication
Last updated
Last updated
A device can also be configured to have two options available for secondary authentication. After entering login credentials, the authentication flow proceeds to the screen to setup or train recognition for the primary secondary authentication method, as configured by useSecondaryAuth
(i.e. create and confirm a PIN, scan an NFC tag, etc. ). If configured with a different value for alternateSecondaryAuth
, the screen will include an option to switch to training the alternative reauthentication method.
Once one of the two secondary authentication options is selected and trained, the authentication flow will proceed to the logged-in state. Upon unlocking the device from sleep, only the reauthentication method that was selected and trained - primary or alternate - will be available to unlock the device.
The following key-value pairs can be set within the settings
object of the Launcher configuration JSON file.
useSecondaryAuth
string
Indicates type of secondary auth during re-authorization. Values are "none"
, "pin"
, "face"
, "nfc"
, and "barcode"
. Default is "none"
.
alternateSecondaryAuth
string
Sets an alternative secondary authentication method available during reauthentication training. Accepted values are "pin"
, "face"
, "nfc"
, and "barcode"
. Only applied if useSecondaryAuth
is set and is a different value than alternateSecondaryAuth
.