Mobile SDK Integrations

Public Endpoints

This section covers which endpoints are publicly exposed and can be used by the mobile app to trigger a device registration, authentication, or de-registration.

Endpoints used by SDKs

/rp/fido/get

/HYPR/conformance/Get

/rp/fido/send/reg

/HYPR/conformance/Send/Reg

/rp/fido/get

/HYPR/conformance/Get

/rp/fido/send/auth

/HYPR/conformance/Send/Auth

/rp/fido/get

/HYPR/conformance/Get

Facet Management

Facets are a way of managing mobile app access to a FIDO Control Center application. Think of a facet as a mobile app unique identifier that is allowed to accept and process policies created within the Control Center.

  1. Adding a Facet ID to the RP
    a. Get the Auth token:
curl -X POST "<rp url>/HYPR/rest/login" -H "accept: application/json" -H "API_KEY: <API Key from Control Center> " -H "Content-Type: application/x-www-form-urlencoded" -d "appId=<App ID from Control Center>"
{"AUTH_TOKEN":"<Auth token>"}

b. Example of getting the Auth Token:

curl -X POST "https://rp.url.com/HYPR/rest/login" -H "accept: application/json" -H "API_KEY: lpoooqitbk9sq3irpkjbetdcft" -H "Content-Type: application/x-www-form-urlencoded" -d "appId=hYPRAndroidTestQAApp"
{"AUTH_TOKEN":"d6a30514-af36-4e80-99b0-e93fb5dd2f64"}

c. Adding the Facet ID (Get this from the mobile app's logs)
d. Add the Facet ID:

curl -X POST "<rp url>/HYPR/rest/usermanagement/addFacet" -H "accept: application/json" -H "AUTH_TOKEN: <Auth Token>" -H "Content-Type: application/json" -d "{\"facetId\":\"YOUR_FACET_ID\"}"
cURL Result: true or false depending on success

e. Example of adding the Facet ID:

curl -X POST "https://rp.url.com/HYPR/rest/usermanagement/addFacet" -H "accept: application/json" -H "AUTH_TOKEN: d6a30514-af36-4e80-99b0-e93fb5dd2f64" -H "Content-Type: application/json" -d "{\"facetId\":\"YOUR_FACET_ID\"}"
cURL Result: true or false depending on success

Plugins

Plugins allow you to customize the registration and authentication process by building custom logic that is invoked by the Control Center.

Testing and Validating Setup

Now that your FIDO Control Center is up and running, test your mobile app. Make sure to add your mobile app Facet ID to the database. Then use the public endpoints to test registration, authentication, and de-registration.