I am sending notifications to my app users (IOS and Android) via Azure Notifications Hub. To do this, i am using templates for both opering systems in my .NET backend. These templates look like this:
Android:
"{\"data\":{\"message\":\"$(message)\", \"title\": \"$(title)\"}}"
IOS:
"{\"aps\":{\"alert\": {\"title\":\"$(title)\",\"body\":\"$(message)\"}}}";
This works fine, but now I would like to add buttons to my notifications for 2FA on login for my website. The user then can 'accept' or 'deny' the login via this notification.
My question is; How can i accomplish these buttons via my templates?
Related
We are using Azure B2C for login/authentication of our users. This works fine on our website (social and email login etc).
Our mobile app is built in Xamarin forms and we are trying to build a native login experience (using native app controls vs. a web view within the app that B2C presents) that integrates natively with the device biometrics for login (FaceId, TouchId, fingerprint login).
As you can imagine, doing this in the webview that Azure B2C requires doesn't allow a native login experience.
The overall goal here is 2 fold:
Build a native login experience
Integrate with biometrics.
Question:
Does Azure B2C have an API that enables this, especially so we can use authorization code flow without a UI. ROPC exists but does it integrate with social accounts too?
If not, is there a way to integrate biometric login with Azure B2C on mobile when the login screen is presented in a webview? So that when the B2C login page in the webview is presented, a user can login with touch/faceId and save that information to they keychain (on iOS and the equivalent on Android)
You need to use Webviews, and you can enable Biometric integration with webview type experience.
You cannot integrate any service with Social Accounts and ROPC. Any integration with Social IdPs will need a webview.
Yes, enable Keep Me Signed In for long lived sessions. Wrap the biometric code around the acquireTokenSilent() methods.
Then you have two options:
You can hide the KMSI button, and use JavaScript to force select the KMSI checkbox in the login page using page customisation.
You can rename the KMSI label on the login page to ask the user if they want to enrol in to biometric. Then after the login, your app will receive a claim in the token whether the user opted in, use claim resolver to achieve that.
Now you have a user logged into the App, with:
1 hour access token
Potentially up to infinity long refresh token
Multi day/year Azure AD B2C session cookie
Then, when the user re-attempts to open the app, or perform some action in the app, you will need to call acquireTokenSilent(). This MSAL method obtains a fresh access token for the required API resource/scope.
If the token is expired, or requires a different scope, the a new token is fetched.
You can wrap any action in your application with the biometric SDK.
if (performingSomeAction && requiresBiometric)
if (challengeBiometric succeeds)
acquireTokenSilent()
//do someAction
Now if the refresh token has expired, then the web view will pop up, the long lived session cookie will be used to get new tokens. The acquireTokenSilent() method handles all of that already.
Have an authenticated Firebase User in my Android App. Webview in the same Android App which loads a HTML page, need to access the Firebase DB via Javascript.
For the Webview to access the Firebase DB, need to authenticate again in the javascript. I can use signInWithCustomToken(), but Android App can't create custom token, have to call Server every time to create CustomToken and pass it to webview.
Is there any way I could pass Authentication From Android App to Webview inside that?
I have Register my app for the windows store (by doing steps 1 to 13) as in the link
Now notification works when I'am adding notifications in developer account. Now I want to know that can I send the notification message to my app externally? For example when I enter a text on html/php page and press a button, that entered text should be send as a notification message to all app users (both foreground and background). How can I link all this?
if you registered your app to get a push notification channel your getting an uri where you can reach your app. In your php script you need to send notifications to that uri. So your app have to register the uri in your backend so you have it available in your sender. then when you push the button you need to send the notification to that uri. see more here: https://learn.microsoft.com/en-us/windows/uwp/design/shell/tiles-and-notifications/windows-push-notification-services--wns--overview
I am trying to customize the email verification template of firebase in such a way that when the user subscribe, the email verificaton is sent to him and when he click on the verification link,the app is opened and it handle the end of the verification process. I am using firebase for my backend. So when i change the default verification URL by this :
myappname://PageName?mode=<action>&oobCode=<code>,
firebase generate an error and the modifications are not saved.
Custom schemes are not supported for email verification. Firebase Auth uses FDL (Firebase Dynamic Links) to send verification links directly to a mobile application. These use more secure mechanisms for app redirects including universal links in iOS, Android verified links and Google play verified links, etc. Please use these as they are more secure than custom schemes which anyone can claim and are particularly vulnerable in Android which is not as regulated as Apple via the app store review process.
I am implementing ionic push notification to my app.
I want to know when shall I identify and register user. Is that should be done once for all (when first boot of the app), or I need to request for registration each time I start the application, so I refresh user's tokens ?