Login Flow
Reference information on how a user would authenticate with Authproject
3 minute read
How does a user login to Authproject?
Diagram: Login Flow
When a user logs in to Authproject, their authentication journey follows this flow chart.
NOTE: This only shows the “success” path. If they are unsuccessful in a given step, they are brought back to the previous successful step to try again.
flowchart TD
A[User goes to Login page] --> B[User enters email]
B --> C{Select first factor}
C -->|Enter password| D[Password entry page]
D --> E[Enter password]
E --> F[Click Submit]
F --> C2{Password correct?}
C2 -->|Yes| I[Prompt to select second factor]
C -->|Magic link| G[System emails magic link]
G --> H[User clicks link in email]
H --> I
I --> J{Select second factor}
J -->|OTP| K[OTP entry page]
K --> L[Enter OTP]
L --> M[Click Submit]
M --> C3{OTP correct?}
C3 -->|Yes| N[Login success]
J -->|Passkey| P[Passkey entry page]
P --> Q[Interact with passkey]
Q --> C4{Passkey correct?}
C4 -->|Yes| NText: Login Flow
- A user first enters their email.
- Then, the user selects the first factor to log in with.
- If they choose to authenticate with a password, they are brought to a page
where they enter their password.
- They enter their password, then click “submit.”
- If they choose to authenticate with a Magic Link, they are brought to a
page where they can request a Magic Link.
- They click “Send Magic Link.”
- They then check their email, and find the Magic Link they were sent.
- They click “Login” on the Magic Link.
- If they choose to authenticate with a password, they are brought to a page
where they enter their password.
- Once the user has completed the first factor, they are (if configured)
prompted to enter a second factor.
- If they choose to log in with an OTP (One-Time Password, otherwise known
as One-Time Code), they are brought to a page where they can enter their
OTP.
- They enter the OTP from their authenticator app, then click “Submit.”
- If they choose to log in with a Passkey (WebAuthn), they are brought to a
page where their browser prompts them to log in with a passkey.
- They then interact with their Passkey to login.
- If they choose to log in with an OTP (One-Time Password, otherwise known
as One-Time Code), they are brought to a page where they can enter their
OTP.
- Once the user has completed the second factor, they are brought to a success page where they can continue on to their application, or they are redirected to the application that initially sent them to the login screen.
Success
If a user was sent to the authentication domain as part of logging in to another platform, they will be sent back to the originating platform.
If a user arrives at the authentication domain without it being part of a request from another platform, they will see a “Login Success” page where they are told to visit their original platform.