Below is the workflow of a challenge & response process
| The 3rd-Party application calls the Dualshield API /auth/generate to generate a Challenge Code |
| Expand |
|---|
| title | /auth/getChallengeCode |
|---|
|
|
... | | Include Page |
|---|
| auth.getChallengeCode |
|---|
| auth.getChallengeCode |
|---|
|
|
|
| The 3-Party application displays the Challenge Code on the screen |
|
| The user opens the MobileID app, and switches to the C/R page |
|
| The user enters the Challenge Code in the MobnileID app |
|
| The users presses "Generate Response" to generate the Response Code |
|
| The user enters the Response Code in the 3-Party application |
|
| The 3rd-Party application calls the Dualshield API /auth/verifyResponse to verify the Response Code |
|
|
|