Swimlanes.io is a free webapp for making sequence diagrams. You simply edit the text on the left and the diagram is updated in real time. You can download your sequence diagrams as images or distribute with a link.
title: Brite - User Authentication order: Customer, Brite Client, Merchant, Brite // Adding the SDK to your client _: **1. Display Brite's Assets** (Brite and bank logos) note: Go to [swimlanes for Brite's Assets](https://swimlanes.io/u/TfVopPMotO) _: **2. Merchant authorisation** note: Go to [swimlanes for Merchant Authorisation](https://swimlanes.io/u/knxhtrUHAW) _: **3. Create a session** Merchant -> Brite: `POST /api/session.create_authentication` Brite -> Merchant: Response with `url`, `token` and `id`. _: **4. Render Client and complete authentication** // Server -> Merchant: Share with the front-end `token` Merchant -> Brite Client: Initiate Brite Client `new Brite([token])` Brite Client -> Customer: Render Brite Client note_: Please follow [recommendations for rendering](https://docs.britepayments.com/technical-documentation/rendering-the-brite-client/). Note that the client should close once the session completes. Customer -> Brite Client: Select customer's bank Brite Client -> Brite: Authentication with bank _: **5. Handling callbacks** Brite -> Merchant: Notification to `callback[].url` note_: Notification about a change in session state with `session_id` _: **6. Collect the customer_id** Merchant -> Brite: `POST /session.get` with `session_id` from the notification Brite -> Merchant: Response with customer_id // //////////////////////////////////////////////////// // Notify about the session state if: Session notification with `session_state: 10` (`STATE_ABORTED`) and `11` (`STATE_FAILED`) Merchant -> Customer: Notify about failed attempt to authenticate customer Merchant -> Customer: Return to authentication view. Fallback? Email / Password else: Session notification with `session_state: 12` (`STATE_COMPLETED`) // //////////////////////////////////////////////////// // STATE_COMPLETED (12): The authentication flow has finished without errors. // Store the session_id to refer to Brite's system if: customer_id exists in Merchant's database Merchant -> Merchant: Log in customer based on the **customer_id** returned in `session_id` response Merchant -> Brite Client: Close Brite Client Brite Client -> Merchant: Removes Brite Client Merchant -> Customer: Redirect customer to private session Customer -> Merchant: Continues on the merchant's site else: customer_id does not exists in Merchant's database if: Brite Play Merchant -> Customer: Redirect to payment flow Merchant -> Brite: `/session.create_deposit` note_: [Link to Brite Play flow](https://swimlanes.io/u/XgDzpJl70K) Payment is completed and the customer is registered Merchant -> Customer: Redirect customer to private session Customer -> Merchant: Continues on the merchant's site else: NOT Brite Play OR migrating customers to Play from other provider Merchant -> Brite: `/kyc.create` passing customer_id from completed session Brite -> Merchant: Response with KYC `id` Merchant -> Brite: `/kyc.get` Brite -> Merchant: Response with customer's KYC data Merchant -> Merchant: Check if customer exists note_: if there is match on `ssn` connect existing customer to `customer_id`created in the authentication session. Merchant -> Customer: Redirect customer to private session Customer -> Merchant: Continues on the merchant's site end