During Authentication
Last updated
Last updated
When you are authenticating users using Trusted Devices, Biometric or Pin, Cotter allows you to optionally request OAuth Tokens to be returned in addition to the . The authentication_method
specified will be either TRUSTED_DEVICE
, BIOMETRIC
or PIN
.
In the , you would follow this guide to When the user successfully authenticated, either from a Trusted Device or when the user approved a login from a Non-Trusted Device, you would receive a
To also receive OAuth Tokens, modify your code by adding getOAuthToken = true
in the parameters:
In the onRequestSuccess
, you'll receive the following response:
Cotter's React Native SDK automatically store your tokens securely inside the device's secure storage.
Tokens must be stored securely within your application.
You need to pass the access_token
to your backend server on every API calls. You also need to remove the tokens from storage to log out your users. Check out how to do that here:
Access tokens and ID tokens expires in 1 hour. When they're expired, you need to use the refresh_token
to get new tokens. Check out how to renew expired tokens: