TheloginWithCompanyName:companyEmployeeId:password:autoCreateEmployee:securityQuestions:passphrase:bayunAppCredentials:authorizeEmployee:success:failure: function is the instance function that initialises your access to Bayun. The function takes the following parameters :

Let's say the user is logging-in using their login-id of username@bayunsystems.com.

• companyName : Unique name of the company/tenant the authenticating employee belongs to, e.g. bayunsystems.com. This should be chosen using exactly the same methodology that was used during user registration via registerEmployeeWithPassword. Note that in some cases the email domain of the user could be different from the domain of the tenant this user belongs to. In such a case, the domain-name part of the tenant is what should be used as the companyName parameter.

• uiViewController : UIViewController of application.

• companyEmployeeId : EmployeeId unique within the company, e.g. username@bayunsystems.com. This should also be chosen using exactly the same methodology that was used during user registration via registerWithCompanyName:companyEmployeeId:password:bayunAppCredentials:authorizeEmployee:success:failure: . Note that while just the "username" portion might suffice in some cases, it is preferable to use the full loginId for consistency.

• password : Password of the user. Used to keep user secret keys protected. Never stored or transmitted by BayunSDK in clear. If the developer wishes, it can be a cryptographic hash of the password instead of the cleartext password itself. Bayun just needs a unique secret known to the user only, or something unique generated from it, for keeping the user lockboxes protected in such a way that nobody other than the user has access to it (similar to how iPhone does it with user’s device PIN).

• autoCreateEmployee : Determines whether or not an employee should be created automatically on Bayun’s system if it does not already exist within the given company. If set to true, an attempt is made to authenticate against an existing employee account first, but if there is no such employee within the given company, a new one is created instead with the supplied credentials. This provides an easy integration option for the developer to use a single login call in an existing application for the simpler use-cases, rather than having to integrate separately with more involved registration & authorization flow along-with the separate login flow. Use this feature only when Bayun’s auth mechanism is being used as shadow auth for your app’s own authentication, using the same user password. And make sure the user has already been successfully authenticated to your own app’s authentication mechanism, before calling Bayun’s loginWithPassword function with autoCreateEmployee set to true.

• securityQuestionsCallback : Most developers can just leave it null for default functionality. It is used for taking answers of Security Questions from the User when extra security with two-factor authorization is enabled. By default, the SDK uses AlertView to take User’s input for the answers of the Security Questions, if two-factor authorization is enabled for the user trying to authenticate. The developer can optionally provide a custom UI block for taking User’s input, to match with the look-and-feel of the app, instead of relying on the default alert-view. If non-null, this block will need to take user answers to the security questions as an input and call validateSecurityQuestions method in the SDK. The callback is triggered when two-factor authorization is enabled for the user authenticating with Bayun.The Security Questions and QuestionIds are returned in the callback, in the form of NSArray<SecurityQuestion>.

• passphraseCallback : Optional block if passphrase is enabled. Most developers can just leave it null for default functionality. It is used for taking user passphrase input for extra security when passphrase is explicitly enabled by the user. By default, the SDK uses AlertView to take user input for passphrase if it is enabled for a user. However the developer can optionally provide a custom UI block to match with the look-and-feel of the app instead of relying on the default alert-view. If non-null, this block will need to take user passphrase as input and call Bayun validatePassphrase method for Passphrase validation.

• bayunAppCredentials : BayunAppCredentials instance is initialized with appId, appSecret and appSalt.

• success : Success block to be executed after successful user authentication.

• failure : Failure block to be executed if login fails, returns BayunError.

Validate Security Questions

Use validateSecurityQuestions function to validate the security questions' answers.

The function takes the following parameters :

• answers : NSArray<SecurityAnswer> with five objects.

• authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

• success : Success block to be executed after successful Security Questions' Answers validation.

• failure : Failure block to be executed if security answers validation or registration fails, returns BayunError.

Validate Passphrase

Use validatePassphrase function to validate the passphrase.

The function takes the following parameters :

• passphrase : Passphrase to validate.

• authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

• success : Success block to be executed after successful user passphrase validation.

• failure : Failure block to be executed if passphrase validation or registration fails, returns BayunError.

Sample Code

BayunAppCredentials *appCredentials = [[BayunAppCredentials alloc] initWithAppId:@"<appId>"
appSecret:@"<appSecret>" appSalt:@"<appSalt>" baseURL: @"<baseURL>"];

 void(^passphraseCallback)(void) = ^ {
            
      void(^successCallback)(void) = ^{
          NSLog(@"Passphrase is validated and logged in with Bayun successfully.");
      };
            
      void(^failureCallback)(BayunError errorCode) = ^(BayunError errorCode){
          NSLog(@"Passphrase validation failed with error");
      };
      
      //sample input for passphrase validation
      [[BayunCore sharedInstance] validatePassphrase:@"<passphrase>"
                           authorizeEmployeeCallback:nil
                                             success:successCallback
                                             failure:failureCallback];
      };
          
 void (^securityQuestionsCallback)(NSArray<SecurityQuestion*>* securityQuestions) = ^(NSArray<SecurityQuestion*>* securityQuestions){
       //Iterate the securityQuestions and get questionId, questionText to get the respective answer from the user
        void(^successCallback)(void) = ^{
            NSLog(@"Security Questions are validated and logged in with Bayun successfully.");
        };
            
        void(^failureCallback)(BayunError errorCode) = ^(BayunError errorCode){
            NSLog(@"Security questions validation failed with error");
        };
            
        //sample input for security questions answers validation
        SecurityAnswer *securityAnswer1 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId>" answer:@"<answer>"];
        SecurityAnswer *securityAnswer2 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId>" answer:@"<answer>"];
        SecurityAnswer *securityAnswer3 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId>" answer:@"<answer>"];
        SecurityAnswer *securityAnswer4 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId>" answer:@"<answer>"];
        SecurityAnswer *securityAnswer5 = [[SecurityAnswer alloc] initWithQuestionId:@"<questionId>" answer:@"<answer>"];
        NSArray<SecurityAnswer *>* securityAnswers = @[securityAnswer1,
                                                       securityAnswer2,
                                                       securityAnswer3,
                                                       securityAnswer4,
                                                       securityAnswer5];
                                                       
        [[BayunCore sharedInstance] validateSecurityQuestions:securityAnswers
                                    authorizeEmployeeCallback:nil
                                                      success:successCallback
                                                      failure:failureCallback];
  };
          
  [[BayunCore sharedInstance] loginWithCompanyName:"<companyName>"
                                 uiViewController : self
                                 companyEmployeeId:"<companyEmployeeId>"
                                          password:"<password>"
                                autoCreateEmployee:true
                         securityQuestionsCallback:securityQuestionsCallback
                                passphraseCallback:passphraseCallback
                               bayunAppCredentials:appCredentials
                                           success:^{
                                            NSLog(@"Logged in with Bayun successfully.");
                                          } failure:^(BayunError errorCode) {
                                            NSLog(@"Login failed with error.");
  }];

 let appCredentials : BayunAppCredentials = BayunAppCredentials(appId: "<appId>", appSecret: "<appSecret>", 
 appSalt: "<appSalt>", baseURL: "<baseURL>")
 
 BayunCore.sharedInstance().login(withCompanyName: "<companyName>",
                                uiViewController : self,
                                companyEmployeeId: "<companyEmployeeId>",
                                         password: "<password>",
                               autoCreateEmployee: true,
                        securityQuestionsCallback: { (securityQuestions) in
        
        var securityAnswers : [SecurityAnswer] = [SecurityAnswer]()
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId1>", answer: "<Answer1>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId2>", answer: "<Answer2>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId3>", answer: "<Answer3>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId4>", answer: "<Answer4>"))
        securityAnswers.append(SecurityAnswer(questionId: "<QuestionId5>", answer: "<Answer5>"))
        
        BayunCore.sharedInstance().validateSecurityQuestions(securityAnswers,
                                                             authorizeEmployeeCallback: { (employeePublicKey) in
          NSLog("Authorization of EmployeePublicKey is Pending")
          
        }, success: {
          NSLog("Security Questions are validated and logged in with Bayun successfully.")
        }, failure: {(error) in
          NSLog("Security questions validation failed with error")
        })
      }, passphraseCallback: {
        
        BayunCore.sharedInstance().validatePassphrase("<passphrase>",
                                                      authorizeEmployeeCallback: { (employeePublicKey) in
          NSLog("Authorization of EmployeePublicKey is Pending")
        }, success: {
          NSLog("Passphrase is validated and logged in with Bayun successfully.")
        }, failure: {(error) in
          NSLog("Passphrase validation failed with error")
        })
        
      }, bayunAppCredentials: appCredentials, success: {
        NSLog("Logged in with Bayun successfully.")
      }, failure: {(error) in
        NSLog("Login failed with error")
 })