TheregisterWithCompanyName:companyEmployeeId:email:isCompanyOwnedEmail:bayunAppCredentials:newUserCredentialsCallback:securityQuestionsCallback:passphraseCallback:authorizeEmployeeCallback:success:failure: function creates a new employee on Bayun's system with supplied (companyName, companyEmployeeId) combination, and links it to Bayun user account with userId matching the supplied email address (creating one if necessary). All subsequent authentication requests for this employee will require user-credentials matching the supplied security questionsAnswers (or passphrase if set).

Let's say an employee has email as loginId i.e username@bayunsystems.com.

• companyName : Unique name of the company/tenant the registering employee belongs to, preferably in domain-name format for consistency, e.g. bayunsystems.com. This assumes that the user is getting access to the corresponding enterprise tenant with the same domain-name managed by their employer. In some cases the email domain of the user could be different from the domain of the tenant this user belongs to e.g. username@customdomain.com registering on a tenant with domain bayunsystems.com as a contractor, or on a generic tenant for individual accounts in a consumer use-case (e.g. tenant domain of gmail.com). In such a case, the domain-name part of the tenant is what should be used as the companyName parameter. Alternatively you can also choose to pass app's own internal companyId/tenantId for the registering employee as a parameter.

• uiViewController : UIViewController of application.

• companyEmployeeId : EmployeeId unique within the company. E.g. username@bayunsystems.com While just the "username" portion might suffice in some cases, it is preferable to use the full loginId for consistency (especially considering that full loginId has to be anyway used for a contractor or consumer use-case). Alternatively you can also choose to pass app's own internal employeeId that is unique within the specific companyName that was used above.

• email : Bayun userId for the new user being registered, in the form of User Principal Name (UPN) represented as an email address e.g. username@bayunsystems.com. For a consumer use-case, it can be the email address provided by the user themselves, or one provided/generated by the app. If no email address is available, the app can choose to construct a dummy email by concatenating the user's companyName and companyEmployeeId, e.g. <companyEmployeeId>@<companyName>.dummy-email. This email is not needed for subsequent login requests from the registered employee (as combination of companyName and companyEmployeeId uniquely identify the employee), but the credentials associated with the corresponding userId/email (e.g. security answers) will always be used for authorizing this employee from a new device.

• isCompanyOwnedEmail : Whether the user email is an enterprise email address owned and controlled by the companyName provided above. Relevant only for enterprise apps that typically allow employees of a company to login via SSO (in such cases, the email and companyEmployeeId will be the same as user’s corporate email-address, and the domain-name of these will also match the domain of the tenant provided as companyName). It should otherwise be set to false by default. If it's a company-owned enterprise email address, then we know that the company owns it, and it can be deleted or reclaimed by the company for potential reassignment to another employee as desired.

• bayunAppCredentials : BayunAppCredentials instance is initialized with AppId, AppSecret and Salt.

• authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

• newUserCredentialsCallback : Most developers can just leave it null for default functionality. It is used to set Security Questions & Answers for a new user being created, as well as an optional Passphrase. By default, the SDK uses AlertView to take User’s input to set Security Questions & Answers, Passphrase. Using a non-null callback function here, the developer can optionally provide a custom UI block for taking User’s input, to match with the look-and-feel of the app, instead of relying on the default alert-view. If non-null, this block will need to take user input for security questions & answers, passphrase and call setNewUserCredentials method in the SDK. The callback is triggered to take these inputs for a new user being registered on Bayun.

• securityQuestionsCallback : Most developers can just leave it null for default functionality. It is used for taking answers to Security Questions from an existing Bayun User. By default, the SDK uses AlertView to take User’s input for the answers to Security Questions. The developer can optionally provide a custom UI block for taking User’s input, to match with the look-and-feel of the app, instead of relying on the default alert-view. If non-null, this block will need to take user answers to the security questions as an input and call validateSecurityQuestions method in the SDK. The Security Questions and QuestionIds are returned in the callback, in the form of NSArray<SecurityQuestion> .

• passphraseCallback : Optional block that is called only if passphrase is enabled for an existing Bayun User. Most developers can just leave it null for default functionality. By default, the SDK uses AlertView to take user input for passphrase if it is enabled for the user. However the developer can optionally provide a custom UI block to match with the look-and-feel of the app instead of relying on the default alert-view. If non-null, this block will need to take user passphrase as input and call validatePassphrase method in the SDK for Passphrase validation.

• success : Success block to be executed after successful registration.

• failure : Failure block to be executed if registration fails, returns BayunError.

Set New Credentials

The setNewUserCredentials:passphrase:authorizeEmployee:success:failure: is used to set Security Questions & Answers for a new user being created, as well as an optional Passphrase. By default, the SDK uses AlertView to take User’s input to set Security Questions & Answers, Passphrase. The developer can optionally provide a custom UI block i.e newUserCredentialsCallback in registerWithCompanyName:companyEmployeeId:email:isCompanyOwnedEmail:bayunAppCredentials:newUserCredentialsCallback:securityQuestionsCallback:passphraseCallback:authorizeEmployeeCallback:success:failure: method for taking User’s input, to match with the look-and-feel of the app, instead of relying on the default alert-view.

• securityQuestions : NSArray<SecurityQuestionAnswer> with five objects to set.

• passphrase : Optional, if passphrase is to be enabled.

• authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

• success : Success block to be executed if credentials are set successfully and registration is complete.

• failure : Failure block to be executed if credentials are not set or registration fails, returns BayunError.

Validate Security Questions

Use validateSecurityQuestions function to validate the security questions' answers.

The function takes the following parameters :

• answers : NSArray<SecurityAnswer> with five objects.

• authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

• success : Success block to be executed after successful Security Questions' Answers validation.

• failure : Failure block to be executed if security answers validation or registration fails, returns BayunError.

Validate Passphrase

Use validatePassphrase function to validate the passphrase.

The function takes the following parameters :

• passphrase : Passphrase to validate.

• authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

• success : Success block to be executed after successful user passphrase validation.

• failure : Failure block to be executed if passphrase validation or registration fails, returns BayunError.

Sample Code

BayunAppCredentials *appCredentials = [[BayunAppCredentials alloc] initWithAppId:@"<appId>"
appSecret:@"<appSecret>" appSalt:@"<appSalt>" baseURL: @"<baseURL>"];

void(^newUserCredentialsCallback)(void) = ^ {
    SecurityQuestionAnswer *securityQuestionAnswer1 = [[SecurityQuestionAnswer alloc] initWithQuestion:@"<question1>" answer:@"<answer1>"];
    SecurityQuestionAnswer *securityQuestionAnswer2 = [[SecurityQuestionAnswer alloc] initWithQuestion:@"<question2>" answer:@"<answer2>"];
    SecurityQuestionAnswer *securityQuestionAnswer3 = [[SecurityQuestionAnswer alloc] initWithQuestion:@"<question3>" answer:@"<answer3>"];
    SecurityQuestionAnswer *securityQuestionAnswer4 = [[SecurityQuestionAnswer alloc] initWithQuestion:@"<question4>" answer:@"<answer4>"];
    SecurityQuestionAnswer *securityQuestionAnswer5 = [[SecurityQuestionAnswer alloc] initWithQuestion:@"<question5>" answer:@"<answer5>"];
    NSArray<SecurityQuestionAnswer*>* securityQuestionAnswers = @[securityQuestionAnswer1,
                                                                 securityQuestionAnswer2,
                                                                 securityQuestionAnswer3,
                                                                 securityQuestionAnswer4,
                                                                 securityQuestionAnswer5];
          
    [[BayunCore sharInstance] setNewUserCredentials:securityQuestionAnswers
                                           passphrase:@"<passphrase>"
                            authorizeEmployeeCallback:^(NSString *employeePublicKey) {
            NSLog(@"employeePublicKey : %@",employeePublicKey);
      } success:^{
            NSLog(@"Registered with Bayun successfully.");
      } failure:^(BayunError errorCode) {
            NSLog(@"Bayun registration failed.");
      }];
    };
        
void (^securityQuestionsCallback)(NSArray<SecurityQuestion*>* securityQuestions) = ^(NSArray<SecurityQuestion*>* securityQuestions){
      
      void (^authorizeEmployeeCallback)(NSString* employeePublicKey) = ^(NSString* employeePublicKey){
          //Authorization of employeePublicKey is Pending
          NSLog(@"employeePublicKey : %@",employeePublicKey);
      }; 
      
      void(^successCallback)(void) = ^{
        NSLog(@"Security Questions are validated and registered with Bayun successfully.");
      };
          
      void(^failureCallback)(BayunError errorCode) = ^(BayunError errorCode){
        NSLog(@"Security questions validation failed with error");
      };
      
      //Iterate over the securityQuestions and get questionId, questionText to get the respective answer from the user    
      //sample input for security questions answers validation
      SecurityAnswer *securityAnswer1 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId1>" answer:@"<answer1>"];
      SecurityAnswer *securityAnswer2 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId2>" answer:@"<answer2>"];
      SecurityAnswer *securityAnswer3 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId3>" answer:@"<answer3>"];
      SecurityAnswer *securityAnswer4 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId4>" answer:@"<answer4>"];
      SecurityAnswer *securityAnswer5 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId5>" answer:@"<answer5>"];
      NSArray<SecurityAnswer *>* securityAnswers = @[securityAnswer1,
                                                     securityAnswer2,
                                                     securityAnswer3,
                                                     securityAnswer4,
                                                     securityAnswer5];

      [[BayunCore sharedInstance] validateSecurityQuestions:securityAnswers
                                  authorizeEmployeeCallback:authorizeEmployeeCallback
                                                    success:successCallback
                                                    failure:failureCallback];
      };
        
 void(^passphraseCallback)(void) = ^ {
         
        void (^authorizeEmployeeCallback)(NSString* employeePublicKey) = ^(NSString* employeePublicKey){
          //Authorization of employeePublicKey is Pending
          NSLog(@"employeePublicKey : %@",employeePublicKey);
        }; 
          
        void(^successCallback)(void) = ^{
            NSLog(@"Passphrase is validated and registered with Bayun successfully.");
        };
          
        void(^failureCallback)(BayunError errorCode) = ^(BayunError errorCode){
            NSLog(@"Passphrase validation failed with error");
        };
        
        //sample input for passphrase validation
        [[BayunCore sharedInstance] validatePassphrase:@"<passphrase>"
                             authorizeEmployeeCallback:authorizeEmployeeCallback
                                               success:successCallback
                                               failure:failureCallback];
 };
        
 void (^authorizeEmployeeCallback)(NSString* employeePublicKey) = ^(NSString* employeePublicKey){
          //Authorization of employeePublicKey is Pending
          NSLog(@"employeePublicKey : %@",employeePublicKey);
 };
        
 void(^successCallback)(void) = ^{
          NSLog(@"Registered with Bayun successfully.");
 };
        
 void(^failureCallback)(BayunError errorCode) = ^(BayunError errorCode){
          NSLog(@"Bayun registration failed.");
 };
        
 [[BayunCore sharedInstance] registerWithCompanyName:"<companyName>"
                                   uiViewController : self
                                   companyEmployeeId:"<companyEmployeeId>"
                                               email:"<email>"
                                 isCompanyOwnedEmail:true
                                 bayunAppCredentials:appCredentials
                          newUserCredentialsCallback:newUserCredentialsCallback
                           securityQuestionsCallback:securityQuestionsCallback
                                  passphraseCallback:passphraseCallback
                           authorizeEmployeeCallback:authorizeEmployeeCallback
                                             success:successCallback
                                             failure:failureCallback];

 let appCredentials : BayunAppCredentials = BayunAppCredentials(appId: "<appId>", appSecret: "<appSecret>", 
 appSalt: "<appSalt>", baseURL: "<baseURL>")
 
 BayunCore.sharedInstance().register(withCompanyName: "<companyName>",
                                   uiViewController : self,
                                   companyEmployeeId: "<companyEmployeeId>",
                                               email: "<email>",
                                 isCompanyOwnedEmail:true,
                                 bayunAppCredentials: appCredentials,
                          newUserCredentialsCallback: {
        
        var securityQuestionsAnswers : [SecurityQuestionAnswer] = [SecurityQuestionAnswer]()
        securityQuestionsAnswers.append(SecurityQuestionAnswer(question:"<Question1>", answer: "<Answer1>"))
        securityQuestionsAnswers.append(SecurityQuestionAnswer(question:"<Question2>", answer: "<Answer2>"))
        securityQuestionsAnswers.append(SecurityQuestionAnswer(question:"<Question3>", answer: "<Answer3>"))
        securityQuestionsAnswers.append(SecurityQuestionAnswer(question:"<Question4>", answer: "<Answer4>"))
        securityQuestionsAnswers.append(SecurityQuestionAnswer(question:"<Question5>", answer: "<Answer5>"))
        
        BayunCore.sharedInstance().setNewUserCredentials(securityQuestionsAnswers, passphrase: "<passphrase>", authorizeEmployeeCallback:{ (employeePublicKey) in
          NSLog("Authorization of EmployeePublicKey is Pending")
        }, success: {
          NSLog("Registered With Bayun Successfully")
        }, failure: {(error) in
          NSLog("Bayun registration failed with Error")
        })
      }, securityQuestionsCallback: { (securityQuestions) in
        
        var securityAnswers : [SecurityAnswer] = [SecurityAnswer]()
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId1>", answer: "<Answer1>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId2>", answer: "<Answer2>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId3>", answer: "<Answer3>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId4>", answer: "<Answer4>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId5>", answer: "<Answer5>"))
        
        BayunCore.sharedInstance().validateSecurityQuestions(securityAnswers,
                                                             authorizeEmployeeCallback: { (employeePublicKey) in
          NSLog("Authorization of EmployeePublicKey is Pending")
        }, success: {
          NSLog("Security Questions are validated and registered with Bayun successfully.")
        }, failure: {(error) in
          NSLog("Security questions validation failed with error")
        })
        
      }, passphraseCallback: {
        
        BayunCore.sharedInstance().validatePassphrase("<passphrase>",
                                                      authorizeEmployeeCallback: { (employeePublicKey) in
          NSLog("Authorization of EmployeePublicKey is Pending")
          
        }, success: {
          NSLog("Passphrase is validated and registered with Bayun successfully.")
        }, failure: {(error) in
          NSLog("Passphrase validation failed with error")
        })
        
      }, authorizeEmployeeCallback: { (employeePublicKey) in
        NSLog("Authorization of EmployeePublicKey is Pending")
      }, success: {
        NSLog("Registered With Bayun Successfully")
      }, failure: { (error) in
        NSLog("Bayun registration failed with Error")
})