By using push messages, a server-side application can actively push a login request to one or more mobile devices. The table below shows an overview of the three different types of push logins that can be used.
|Push login call||Description|
|provokeLogin||Push login to the account that performed that latest successful login for the current session.|
|provokeLoginOnUser||Push login to all accounts of a given user.|
|provokeLoginOnAccount||Push login to a specific account.|
Each of the push login API calls requires a session identifier to which the authentication will be performed. In the case of provokeLogin the session identifier is also used to check the latest successful login, which determines the account where the push login will be sent to.
Each of the push login API calls can optionally also take a
UserContext JSON object, including additional session information.
The calls provokeLoginOnUser and provokeLoginOnAccount require a reference to respectively a user and an account. You should not rely on non-authenticated user input to determine the user/account to push a login to, as this can result in users receiving arbitrary push messages. Both calls can be used when a different authentication method is used first, as this gives some certainty about the user/account to push the login to.
In most cases provokeLogin is the recommended push method, as it will only work when a user has been previously logged in in the same session. To check if a push login with provokeLogin is possible, getSession can be called to retrieve
LoginStatus.canprovoke will only be true when a previous successful login was done on the session and, as a consequence, pushing a login is possible.