Help

1 min read

Account

Last Updated - Platform 25.0 - SDK 20.0

The Account is an optional feature, built using the Account API, which encompasses user specific features. The backend should be set up (likely to be bespoke) to integrate with your auth system and return valid JWTs for authentication.

Account 

# Account Content
myprofile


# Login
login


# Register
signup


# Profile
editMyProfile

These deeplinks are dated and are likely to be improved in the future. It is easy to define new custom deeplinks.

Set up

To set up the Account features:

  1. Ensure the SDK and Platform are set up following the poq SDK set up steps.
  2. Add the PoqAccount framework to your project following these steps.
  3. Ensure the Account API is working for login / register returning valid tokens.

The myprofile account content screen is the default replacing tab5 when set up.

Authentication

The SDK Account features use Keychain to securely store the user. For security regulations, by default, we require a device passcode to use Keychain. If a passcode is not set, or there is an issue with the user's Keychain, the app will present an error then keep the user in memory for the duration that the app is running. When the app stops running the user is lost and will need to login again.

For the authentication flow the app is considered a dumb client to avoid causing issues that harm the app or server. The app will not request authentication unless challenged to do so by the BE returning a 401.

Password Validation

The SDK uses MightyBot by default for dynamic password validation. However, it is much better to set static password rules in code to allow the OS to suggest strong passwords.