AuthenticationLast Updated - Platform 25.0 - SDK 20.0
The PoqSDK uses the
Authenticator to authenticate requests and handle auth errors returned from the backend.
The Account SDK injects the
PoqAccountAuthenticator with the following flow.
The iOS app makes no upfront attempts to authorise the user. User authorization only happens as a result of a 401 response or user action.
/account/register endpoints return new tokens to authenticate and log in users.
If any endpoint returns a 401 the user's token is refreshed using either the
If the refresh fails the user is silently logged out.
When a user takes action to log out the app calls the
/account/logout endpoint, clears the user, and generates a new
The user is logged out regardless of the logout response.
Guest users are authenticated using the
If the backend returns a 401 and the user has no token, a token is retrieved from the this endpoint.
Apps that update to the Account SDK from the legacy authentication flow can migrate their existing logged in users using the
This endpoint is a placeholder for a bespoke implementation that must be created on your clients backend.
When the backend returns a 401 existing credential users use this endpoint to migrate. If this endpoint is not implemented or fails the user is silently logged out.