Technical Guide

orgId

String

Set to the company's organization ID, as displayed on the BlueFletch Portal Admin - Organization page here.

networkCheckUrls

Array<String>

Set as list of urls to check for connection to determine if offline mode should be engaged.

enableOfflineMode

Boolean

Set as `true` if BF Identity Auth should check for connection and use offline mode if network checks fail.

group

String

The `group_inclusion` app group that should be used in offline mode. Offline mode will only show the apps in this group.

apiUrl

String

Set to the BF Identity cloud service url. Currently is “https://idp.bluefletch.com”.

apiKey

String

Set to a generated API key in the Identity Manager section of BlueFletch Portal.

enableUserPhoto

Boolean

Set to `true` if supporting user image storage. When users activate the Identity Kiosk they will be asked to take a photo that we will store. Currently photos are not supported in BF Identity Auth so this should be set to “false”.

kioskInactivityAlertInSeconds

Integer

Set to the amount of idle time should be allowed while a user has started the activation flow on the Identity Kiosk. After this much idle time has passed an alert will be presented to the user asking them if they need more time.

kioskInactivityEndSessionInSeconds

Integer

Set to the amount of time the idle alert dialog should wait until the session is ended and the app returns to the home screen. The alert dialog will show an indicator of how much time the user has to request more time or the app will revert to the home screen.

useSecondaryAuth

String

Indicates type of secondary auth during re-authorization. Values are "none", "pin", "face", "nfc", and "barcode". Default is "none". Select “pin” if reauthentication should only require the pin and not scanning the qr code credentials with the pin.

secondaryAuthPinLength

Integer

Set this as the minimum number of digits required for secondary authentication with PIN. Minimum value is 4, default is 6 if not specified. Should be the same as pinMaxLength.

pinMaxLength

Integer

Set to the desired maximum length of the authentication pin code created by users. This can be set to a number between 4 and 10 inclusive.

pinAutoSubmit

Boolean

Set to `true` if the Identity Kiosk and Auth application should automatically submit a pin when the user has entered a pin of the max length. If `false` the user will have to manually press the submit button.

pinEnforceSequentialRule

Integer

Set to `true` if the sequential rule should be applied during pin creation in the Identity Kiosk application. The sequential rule is defined as:

Prevents PINs with 4 or more of the same digit in a row.

Examples:

• ❌ 1111 - REJECTED (4 ones)

• ❌ 5555 - REJECTED (4 fives)

• ❌ 123111 - REJECTED (contains "1111")

• ❌ 990000 - REJECTED (contains "0000")

• ✅ 1123 - ALLOWED (only 2 ones together)

• ✅ 112233 - ALLOWED (max 2 consecutive)

pinEnforceConsecutiveRule

Integer

Set to `true` if the consecutive rule should be applied during pin creation in the Identity Kiosk application. The consecutive rule is defined as:

Prevents PINs with 4 or more sequential digits (either ascending or descending)

Examples - Ascending:

• ❌ 1234 - REJECTED (sequential: 1→2→3→4)

• ❌ 5678 - REJECTED (sequential: 5→6→7→8)

• ❌ 001234 - REJECTED (contains "1234")

• ✅ 1357 - ALLOWED (not sequential)

• ✅ 1324 - ALLOWED (not in order)

Examples - Descending:

• ❌ 4321 - REJECTED (reverse sequential: 4→3→2→1)

• ❌ 9876 - REJECTED (reverse sequential: 9→8→7→6)

• ❌ 123210 - REJECTED (contains "3210")

• ✅ 7531 - ALLOWED (not sequential)

pinEnforceBlackList

String

Set to a comma separated list of specific pin codes that are automatically rejected.

Example blacklist: "0000,1234,1111,9999".