BiometricAuthService
Component Detail
Service Layer
medium complexity
mobile
0
Dependencies
0
Dependents
0
Entities
0
Integrations
Description
Orchestrates the biometric session-continuation flow by coordinating between the biometric prompt and the secure token store. After a successful biometric verification it retrieves the device-bound session token and restores the authenticated session without any server-side biometric data transmission. It also handles enrollment after initial full-credential login.
biometric-auth-service
Sources & reasoning
Lines 42 and 276 describe biometric login explicitly as a post-initial-login session mechanism co-delivered with BankID/Vipps. BankID/Vipps are Phase 2 (v1.0) per the priority matrix. Biometric depends on a prior full-credential session and is naturally co-delivered in Phase 2. Blueprint confirms v1.0.
-
docs/source/likeperson.md · line 42med biometrisk innlogging (Face ID / fingeravtrykk) etterpå
-
docs/source/likeperson.md · line 276Biometric session unlock (Face ID / fingerprint) after first login. Mobile stores tokens in the platform secure store
Responsibilities
- Enroll biometric session after successful email/password authentication by storing a device-bound token
- Retrieve and validate the stored session token following a successful biometric prompt
- Detect whether biometric authentication is enrolled and available on the current device
- Clear enrolled biometric session on explicit logout or credential change
- Handle biometric lockout by falling back to full credential re-authentication
Interfaces
enrollBiometric(sessionToken: string): Promise<void>
authenticateWithBiometric(): Promise<SessionToken>
isEnrolled(): boolean
clearEnrollment(): Promise<void>
isBiometricSupported(): boolean