Using Password AutoFill to Authenticate Users

Provide customers with an easy solution to perfom authentication on their iOS devices.


Supporting the Password AutoFill feature requires that the authorization input element must annotate the autocomplete HTML attribute in the following format:

<input autocomplete=”value”>

Possible values for the autocomplete attribute are username, current-password, new-password, and one-time code. For more information about these values, see Enabling Password AutoFill on an HTML Input Element.

In Figure 1 from Pass Authenticate Data, after the customer has been authorized, the system sends an OAuth response. In this step, the customer’s device is redirected to a URL that triggers a login form using an existing third party login system. For more information, see Password AutoFill.

Example of a Successful Password Autofill Authentication

{ "Destination-Id": "urn:mbid:AQAAYyUbut6E4B3T9FLv5EbG/ <truncated>", "Source-Id": "a884eddf-<truncated>", "Content-Type": "application/json", "id": "afd1a681-<truncated>", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsIn <truncated>"}{ "interactiveData": { "receivedMessage": { "imageIdentifier": "1", "title": "Sign In to Application" }, "bid": "", "data": { "images": [{ "identifier": "1", "data": "iVBORw0KGgoAAAA <truncated>" }], "version": "1.0", "authenticate": { "oauth2": { "clientSecret": "zDGvvOgtVppMLUe3", "state": "security_token", "scope": ["r_basicprofile"], "responseEncryptionKey": "BOE5nfoDH7M65M <truncated>", "responseType": "code" } }, "requestIdentifier": "auth122 <truncated>" }, "replyMessage": { "imageIdentifier": "1", "title": "You Signed In" } }, "sourceId": "a884eddf-<truncated>", "destinationId": "urn:mbid:AQAAYyUbut6E4B3T9FLv5EbG/<truncated>", "v": 1, "type": "interactive", "id": "afd1a681-<truncated>”}
Send-Token: 000000000000000000000000000000000000000000000000Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.<truncated>Device-Agent: iPhone OSContent-Length: 1771Send-Time: 1551895970209Destination-Id: a884eddf-<truncated>Content-Encoding: gzipCapabilities: AUTHX-Http2-Scheme: httpsHost: urn:mbid:AQAAYyUbut6E4B3T9FLv5EbG/<truncated>Content-Type: application/jsonId: d8996d33-<truncated>{ "interactiveData": { "sessionIdentifier": "1a3eab79-<truncated>", "bid": "", "data": { "authenticate": { "status": "authenticated", "token": "BM3eGbG5OsocPRGg5x <truncated>" }, "receivedMessage": { "style": "icon", "imageIdentifier": "1", "title": "Sign In to Application" }, "version": "1.0", "images": [{ "identifier": "1", "data": "iVBORw0KGgoAAAANSUhE <truncated>" }], "replyMessage": { "style": "icon", "imageIdentifier": "1", "alternateTitle": "You Signed In", "title": "You Signed In" }, "requestIdentifier": "auth122 <truncated>" } }, "attachments": [{ "mimeType": "image/jpeg", "name": "jpeg-image-TVPG7C.jpeg", "url": " <truncated>", "file-size": 1103, "mime-type": "image/jpeg", "decryption-key": "0011DCD011741B <truncated>", "owner": "Murn%3Ambid%3A33c <truncated>", "mmcs-url": " <truncated>", "key": "0011DCD011741BDC1 <truncated>", "signature": "8114809C4F5 <truncated>", "mmcs-owner": "Murn%3Ambid%3A33c324734 <truncated>", "size": 1103, "mmcs-signature-hex": "8114809C4F53362 <truncated>" }], "sourceId": "urn:mbid:AQAAYyUbut6E4B3T9FLv5EbG/<truncated>", "destinationId": "a884eddf-<truncated>", "v": 1, "type": "interactive", "id": "d8996d33-<truncated>”}

See Also

Advanced Authentication

Decrypting the Authentication Token

Learn how Business Chat decrypts an authentication token.