TouchID and FaceID authentication

[skyshine999]

I implemented MSAL in my project. Is there an library that allow TouchID and FaceID authentication

[oldalton]

Adding @brandwe to provide more info.

[michelledoyle]

Following. Same question.@brandwe

[ekscrypto]

Following +1

[mipetriu]

@ekscrypto, do you mind letting us know what scenario you're looking to achieve with touchID/faceID?

[ekscrypto]

@mipetriu Our users are issued 24hr refresh token with a sliding window of 14 days but in many cases they may study Monday-Friday; so if their session isn't used over the weekend on Monday they end up having to re-authenticate again.

What we are hoping to achieve, is on a successful interactive login, have the app asking them if they want their credentials remembered and enable TouchId/FaceID. Provided they said yes, the next time we present them with the interactive authentication form:

If their credentials are saved in the keychain
Verify with TouchID/FaceID that they are authorized
Confirm that the sign in policy is the same
Automatically fill-in/submit their credentials

Our authentication flow expects user to fill in email & password without 2FA.

[brandwe]

So correct me if I'm wrong @mipetriu but the answer here would be for the app to prompt for Touch ID/Face ID on it's own and if successful then call currentAccount(). This is because we are always refreshing the token for that 14 day window as you indicate. It's up to the app to prompt at times that the SDK won't.

[gjmoyer]

I was just looking at how Face ID would even help the user. Assuming user opted into password less on their Entra ID account. When app launches it first displays a list of account(s) user previously used which they can just touch on. Then it will send prompt for user to use Face ID on authenticator app to approve, and then user is authenticated. There is no need to enter email or password. I came here looking to implement Face ID also, but now I am wondering what for? :)