Signup: Wristband-Hosted UI
Wristband Identity Provider Signup
When signing up with the Wristband identity provider, the sequence of steps in the signup process for Wristband-hosted pages varies based on the configured workflow policies.
User Activation
At a high level:
- The user clicks on the Signup button either on your website or within your application.
- The user gets sent to the Wristband-hosted Signup Page.
- The user provides all information to the Signup Form and clicks the submit button.
- Wristband calls the Provision User API to complete the Signup for the user.
- An Activation Email is sent to the email address that the user provided on the Signup Form.
From here, the user would then complete the User Activation Workflow to finish activating themselves, verify their email, and gain entry into the application.
Email Verification
- The user clicks on the Signup button either on your website or within your application.
- The user gets sent to the Wristband-hosted Signup Page.
- The user provides all information to the Signup Form and clicks the submit button.
- Wristband calls the Provision User API to complete the Signup for the user. During API execution, an Email Verification email is sent to the email address that the user provided on the Signup Form. The user is also set to
ACTIVE
status. - Wristband -- behind the scenes -- redirects the user to the Create Auth Session API in order to create a Wristband Authentication Session for the user.
- The user gets redirected to the Login Endpoint implemented by your application.
From here, the user would be sent through the Authorization Code Flow in order to login and gain entry to the application. Because Wristband already created an Authentication Session for the user during signup, the user gains immediate entry into the application without having to re-enter their credentials. However, they will still need to separately complete the Email Verification Workflow in order to have their email verified.
External Identity Provider Signup
When signing up with any external identity provider, there are more steps involved in order to authenticate with the external identity provider before completing the signup form. For the sake of example, we'll show Google as the external identity provider in the diagram below. At a high level:
- The user clicks on the Signup button either on your website or within your application.
- The user gets sent to the Wristband-hosted Signup Page.
- The user clicks on the "Signup With Google" button.
- The user gets redirected to Google's Authorization Endpoint where they will enter their Google login credentials.
- Google redirects the user back to the Wristband External IDP Callback Endpoint (exact URL is located in the Wristband Dashboard for the corresponding external identity provider).
- Wristband redirects the user to the Wristband-hosted External IDP Signup Form along with an External IDP Authorization Code that will be used for creating an Authentication Session.
- The user provides all information to the External IDP Signup Form and clicks the submit button.
- Wristband calls the Provision External IDP User API, passing along the External IDP Authorization Code.
- Wristband -- behind the scenes -- redirects the user to the Wristband Create Auth Session for External IDP User API in order to create a Wristband Authentication Session for the user.
- The user gets redirected to the Login Endpoint implemented by your application.
From here, the user would be sent through the Authorization Code Flow in order to login and gain entry to the application. Because Wristband already created an Authentication Session for the user during signup, the user gains immediate entry into the application without having to re-enter their credentials.
Unverified Emails from External Identity ProvidersIf the email address synchronized from the external identity provider is not verified, the user must undergo either the User Activation Workflow or the Email Verification Workflow to complete External IDP Signup, depending on the configured Signup Workflow Policy.
Updated 5 months ago