Product DocumentationVersion 9.1+ Documentation
HYPR User GuidePostman APILegacy WFALegacy SDK

QR Fallback

HYPR Mobile App

For instances where a HYPR Mobile App device has a broken camera, this feature provides users a fallback mechanism to still register and authenticate without having to scan a QR code using the HYPR Mobile App.

When the server gets the QR Fallback request, it caches the expected payload from the QR image as a .JSON string, then uses it to generate an activation code, which the user then enters to pair the device. In keeping with already existing HYPR precedents in the HYPR Passwordless client for offline authentication recovery codes, the code consists of six alphanumeric characters. This random activation code is generated securely via OWASP-recommended methods.

Developers who want to leverage this functionality can do so by reading QR Fallback Controls.

QR Fallback When Pairing

QR Fallback from Device Manager

The user experience assumes the following:

  • The user's device has either a broken or disabled camera; or perhaps using the camera is not allowed; or the user just does not wish to use it
  • HYPR Mobile App is installed on the device

Here's how it works:

  1. Initiate a QR Code pairing attempt in HYPR Device Manager (web-based CC Applications).
  2. Do not scan the offered QR code, and instead click Pair manually next to the QR code image in Device Manager.
  1. Two values appear:
    • The APP NAME: The Control Center baseURL
    • The PIN: A six-character activation code
  1. On the HYPR Mobile App, open the QR scanner and click the button to Enter Code Manually.
    If you are on a mobile device browser, when prompted to open HYPR, click Log in manually.

    πŸ“˜

    First Timers

    If this is the first time you have tried to pair a device with the HYPR Mobile App, you may be asked to grant permissions to use the Camera. If you decline, HYPR will automatically open the Activation Code entry dialog; move on to the next step.

  1. Input the App Name and PIN provided earlier into the HYPR Mobile App. The PIN must be all lowercase characters.
  1. Tap Submit to finish pairing.

You have now manually paired a HYPR Mobile device.

QR Fallback from the HYPR Passwordless Client

The user experience assumes the following:

  • The user's device has either a broken or disabled camera; or perhaps using the camera is not allowed; or the user just does not wish to use it
  • HYPR Mobile App is installed on the device
  • HYPR Passwordless is installed on the workstation

Here's how it works:

  1. Initiate a QR Code pairing attempt in HYPR Passwordless (workstation-based CC Applications).
  2. Do not scan the offered QR code, and instead click Pair manually next to the QR code image.
  1. Two values appear:
    • The APP NAME: The Control Center baseURL
    • The PIN: A six-character activation code
  1. On the HYPR Mobile App, open the QR scanner and click the button to Enter Code Manually.
    If you are using a mobile device browser, when prompted to open HYPR, click Log in manually.
  1. Input the App Name and PIN provided earlier into the HYPR Mobile App. The PIN must be all lowercase characters.
  1. Tap Submit to finish pairing.

You have now manually paired a HYPR Mobile device.

QR Fallback Login

QR Fallback from the Desktop Login

HYPR Passwordless client provides QR Fallback at the login screen if you cannot use the camera on your device.

To initiate QR Fallback:

  1. Click Can't scan the QR code?. The Scan QR to Login dialog appears. It shows a larger QR code that may be attempted again.
    Alternatively, the APP NAME and PIN are listed below to be used with the HYPR Mobile App.
  1. On the HYPR Mobile App, open the QR scanner and click the button to Enter Code Manually.
  1. Input the App Name and PIN provided earlier into the HYPR Mobile App. The PIN must be all lowercase characters.
  1. Tap Submit to complete the login.

QR Fallback from a Desktop Web Login

QR Fallback is available when logging into an application on a web browser. To login to a web application using QR Fallback:

  1. Initiate your application login as you would normally. When presented with the choice of authentication methods, type your username and choose HYPR Mobile App.
  1. The option to scan a QR Code appears. Click Log in manually.
  1. A dialog appears with two values:
    • The APP NAME: The Control Center baseURL
    • The PIN: A six-character activation code
  1. On the HYPR Mobile App, open the QR scanner and click the button to Enter Code Manually.
  1. Input the App Name and PIN provided earlier into the HYPR Mobile App. The PIN must be all lowercase characters.
  1. Tap Submit to complete the login.

QR Fallback Login from a Mobile Web Login

Likewise, QR Fallback works for web applications when accessed via a mobile device that has the HYPR Mobile App installed.

  1. Attempt to open a QR Login link using your mobile device's browser.
  2. Because a phone cannot scan the QR Code displayed by its own browser, an option to Open HYPR is offered. Tap it to access the activation codes.
  1. A dialog appears with two values:
    • The APP NAME: The Control Center baseURL
    • The PIN: A six-character activation code
  1. On the HYPR Mobile App, open the QR scanner and click the button to Enter Code Manually.
  1. Input the App Name and PIN provided earlier into the HYPR Mobile App. The PIN must be all lowercase characters.
  1. Tap Submit to complete the login.

Updated 4 months ago