Implicit authentication can be used to authenticate users without explicitly interaction with a user. With this feature enabled, users can be authenticated implicitly at any time if they have previously registered with their device. This feature can be useful for fetching (personal) data that is not sensitive for users on that device. An example is to fetch the first name to show a greeting when the user opens their app. When more sensitive data is needed, the user must use a different authentication method, like the pin or biometric authentication.
A resource gateway can validate an implicit access token using token introspection.
Enable implicit authentication
To enable implicit authentication for your app, first head over to
Applications in your Onegini Access admin. Once there you can create a new
application or editing one existing. Either way, to enable implicit authentication, follow these steps.
- Under OAuth settings, enable the 'User Registration' flow.
- Under User authentication, enable 'Implicit authentication'.
The User Registration flow must be enabled so users can register before using implicit authentication.