Skip to main content

Getting started

Pre-built vs custom UI

Authsignal offers two ways of integrating:

  1. Using Authsignal's pre-built UI. Your app redirects to a web page hosted by Authsignal (or displays it modally in an iframe). This is often the quickest way to integrate. You can still configure your own custom domain and you can heavily customize the look and feel.

  2. Using your own custom-built UI. You can use Authsignal's client SDKs when you want to control your own UI or when using functionality which doesn't require much custom UI (e.g. passkeys).

1. Using Authsignal's pre-built UI
2. Using your own custom-built UI

Using Authsignal's pre-built UI

1. Backend - Track an action

In your app's backend, track an action which represents what your user is doing, e.g. signIn. You can do this using one of the Authsignal Server SDKs or you can call the Authsignal Server API directly using a RESTful HTTP request.

const result = await authsignal.track({
  userId: user.id,
  action: "signIn",
  redirectUrl: "https://yourapp.com/callback", // Only required when using Authsignal's pre-built UI
});

const url = result.url;

2. Frontend - Launch the pre-built UI

In your app's frontend, pass the url from the track call to the Authsignal Web SDK to launch an enrollment or re-authentication flow.

authsignal.launch(url);

3. Backend - Validate the result

Once the user has completed the challenge, Authsignal will send them back to the redirect URL you provided in step 1, appending a token as a query param which you can use to lookup the result of the challenge server-side.

const { state } = await authsignal.validateChallenge({ token });

if (state === "CHALLENGE_SUCCEEDED") {
  // The user completed the challenge successfully
  // Proceed with authenticated action or integrate with IdP to create authenticated session
} else {
  // The user did not complete the challenge successfully
}

Using your own custom-built UI

1. Backend - Track an action

In your app's backend, track an action which represents what your user is doing, e.g. signIn. You can do this using one of the Authsignal Server SDKs or you can call the Authsignal Server API directly using a RESTful HTTP request.

const result = await authsignal.track({
  userId: user.id,
  action: "signIn",
});

const token = result.token;

2. Frontend - Use a client SDK

Use one of the Authsignal Client SDKs to perform a challenge directly within your app, passing the token from step 1.

3. Backend - Validate the result

Pass the result token returned by the client SDK to your backend and validate the result of the challenge server-side.

const { state } = await authsignal.validateChallenge({ token });

if (state === "CHALLENGE_SUCCEEDED") {
  // The user completed the challenge successfully
  // Proceed with authenticated action or integrate with IdP to create authenticated session
} else {
  // The user did not complete the challenge successfully
}