Protected flows provide the functionality to view and change context data and to manage authentication tokens of users. In general, protected flows are all end-user flows accessible after authentication.
They require special consideration because a user must be properly authenticated and authorized to be allowed to use such a flow.
Typical examples of protected flows are:
- address-change flow
- mTAN registration flow
- email address change flow
- Airlock 2FA, Cronto, and mTAN token management self-service
- FIDO registration self-service
- etc.
Structure of protected flows
A typical protected flow follows this sequence of steps:
1. Validate pre-conditions to ensure that the user is properly authenticated and authorized.
2. Depending on flow steps: select item to be changed (e.g. authentication token).
3. Supply information to be added, changed, or deleted:
   - Context data
   - Authentication token-specific values (such as a display name)
4. Validate or approve the change.
5. Persist the validated or approved information.
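The step sequence above, sketched as an added Python example; it is not Airlock IAM code or configuration. The `Session` model, the `self-service` role name, the display-name limits and the boolean approval result are assumptions made for illustration. Each step is refused unless the preceding steps completed, so nothing is persisted without passing the pre-conditions and the approval.

```python
from dataclasses import dataclass

class FlowError(Exception):
    """A step was refused: failed check or step taken out of order."""

@dataclass
class Session:  # hypothetical session model
    user: str
    authenticated: bool
    roles: frozenset

@dataclass
class TokenRenameFlow:
    session: Session
    store: dict                          # user -> {token_id: display_name}
    required_role: str = "self-service"  # assumed role name
    step: int = 0                        # number of completed steps
    token_id: str = None
    pending: str = None

    def _at(self, n, ok, why):
        # Refuse the step if it is taken out of order or its own check fails.
        if self.step != n:
            raise FlowError(f"step {n + 1} attempted at step {self.step + 1}")
        if not ok:
            raise FlowError(why)
        self.step = n + 1

    def start(self):                     # 1. validate pre-conditions
        s = self.session
        self._at(0, s.authenticated and self.required_role in s.roles, "pre-conditions not met")

    def select(self, token_id):          # 2. select item, limited to the user's own tokens
        self._at(1, token_id in self.store.get(self.session.user, {}), "not this user's token")
        self.token_id = token_id

    def supply(self, display_name):      # 3. supply the new value (assumed limits)
        name = display_name.strip()
        self._at(2, 1 <= len(name) <= 40 and name.isprintable(), "invalid display name")
        self.pending = name

    def approve(self, approved):         # 4. result of validation or approval
        self._at(3, approved is True, "change not approved")

    def persist(self):                   # 5. write only what was approved
        self._at(4, True, "")
        self.store[self.session.user][self.token_id] = self.pending
```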