Normal Login user flow

Successful Flow

Haventec Authenticate login user flow
APIs used
POST /authentication/login

Error Flows

Haventec Authenticate login error flow

Incorrect PIN

This section describes the error codes in case the PIN used is incorrect

First Authentication Failure


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Authentication failed",
                "code": "AN-AUTH-1006"
            }
        }
    

Second Authentication Failure


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Authentication failed, You have 1 more login attempt before your device is locked for 5 minutes",
                "code": "AN-AUTH-1029"
            }
        }
    

Third Authentication Failure


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Authentication failed, your device is now locked for 5 minutes",
                "code": "AN-AUTH-1030"
            }
        }
    

Authentication beyond locked device state (5 minutes)

The user will then be locked upon the third authentication failure for five minutes. Any other attempts to authenticate will be preempted by the following JSON response even if the credentials are correct


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "This device is temporarily locked, please try again later",
                "code": "AN-AUTH-1031"
            }
        }
    

Note: During the five minutes of which the device is temporarily locked, the user may reset the PIN if they wish.

Fourth Authentication Failure

Once five minutes has passed from the previous failed attempt that resulted in a temporary lock, they're then free to log in again and another failed authentication results in the following error message:


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Authentication failed",
                "code": "AN-AUTH-1006"
            }
        }
    

Fifth Authentication Failure


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Authentication failed, You have 1 more login attempt before your device is locked",
                "code": "AN-AUTH-1004"
            }
        }
    

Sixth & Last Authentication Failure

At this stage, the device is permanently locked & can only be unlocked by either contacting the organisation support staff or by unlocking it from another authenticated device.


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Authentication failed, your device is now locked",
                "code": "AN-AUTH-1005"
            }
        }
    

Any other attempts beyond the state of the device being permanently locked results in this response


        {
            "responseStatus": {
                "status": "ERROR",
                "message": "Device is locked",
                "code": "AN-HENG-1004"
            }
        }
    

Network Resilience - Login user flow

Successful scenario

Haventec Authenticate login user flow
APIs used
POST /authentication/login
DELETE /device/{deviceUuid}/auth-key/{authKeyUuid}/others

Lost Auth Key scenario

Haventec Authenticate login user flow
APIs used
POST /authentication/login
DELETE /device/{deviceUuid}/auth-key/{authKeyUuid}/others

Lost Auth Key Confirmation scenario

Haventec Authenticate login user flow
APIs used
POST /authentication/login
DELETE /device/{deviceUuid}/auth-key/{authKeyUuid}/others