Welcome to the final part of the Passwordless authentication process with SAP CDC series.
This blog series focuses on how to implement passwordless authentication using SAP CDC. This post continues from Part 3, which explains how to implement the Email OTP and Magic Link passwordless authentication methods of SAP CDC. Part 4 covers the next passwordless authentication type of SAP CDC: Push Authentication.
If you haven’t already, please also check out Part 1, Part 2 and Part 3 of the series.
- Part 1: Phone Number Login
- Part 2: FIDO Authentication (Passkey)
- Part 3: Email OTP and Magic Link
- Part 4: Push Authentication (Current)
Push Authentication:
SAP CDC supports the Push Authentication method to authenticate users to the site without a password. Push Authentication is one of the most secure and user-friendly forms of authentication. Instead of typing in a password or one-time passcode, users receive a push notification to confirm authentication to the customer's website.
Pre-requisites:
- This feature requires the mobile app running on the user’s mobile devices.
- You need a working push notification/messaging account with Google Firebase. Register your mobile application in the Firebase Cloud Messaging tab.
- Firebase Server Key must be configured in the SAP CDC Push Authentication setting.
Push Authentication user flow is as below:
The customer initially registers on your website using their email or username and creates a password. Later, when they log in to your mobile app, they can use the same email or username.
On subsequent website logins, the customer has the option to authenticate either with their password or via a push notification.
If they select push notification, a message is dispatched to their mobile phone. Upon confirming this notification, the user is authenticated on your website.
Configuration:
- Firstly, configure the mobile app to receive push notifications from CDC. For this you need to register your mobile application with the Firebase account to receive remote authentication push messages. Follow the link to correctly register the Firebase with your mobile app.
- Use the Android SDK v4+, which uses the Auth 1.0.0 library. The SDK can be downloaded here.
- Enable the Push Authentication type under Identity > Security > Authentication in SAP CDC.
- Update the Firebase message server key in the Push Authentication setting in SAP CDC. You will find the Message Server Key under the Cloud Messaging tab in your Firebase account.
- Once the device is successfully registered with Firebase, the user will receive a push notification on the mobile app to complete login to the website.
- Push Authentication is implemented using the following screens from the PasswordlessLogin screenset.
- Configure the Passwordless Login screen with customer-specific styling. On submitting the email, the user is navigated to the Auth Methods screen if no authentication method has been selected before. Make sure you keep the Auth Methods screen as the on-success screen in the Passwordless Login screen.
- The user can choose the authentication type. If they choose password, they can enter their password. If they choose Push Notification, they will receive a popup in their mobile app to approve the login.