Versions Compared

Old Version 3

changes.mady.by.user Alx Dark

Saved on

compared with

New Version Current

changes.mady.by.user Michael Lee

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Examples added where linking services showcase their contextual linking

We're going to add a feature that will allow apps to work without the user needing to create or enter a password.

...


POST/v3/auth/email/signIn
auth
no authentication, public endpoint
body
{ "email": "<email.address>", "study": "<studyId>", "password": "<password>", "token" : "<token>" }
returns200with user session

412with user session

404
{ "statusCode": 404, "entityClass": "Account", "message": "Account not found.", "type": "EntityNotFoundException" }


If the token has been issued, retrieve the user's identity and return a session. Optionally, if a password value has also been submitted, reset the password before returning the session.

...

AuthenticationService

methodDescription
initiateSessionVerificationrequestEmailSignIn(String emailSignIn signIn)
  1. If functionality disabled, throw EndpointNotFoundException
  2. If email present, through throw RateLimitExceededException
  3. create token, store in Redis mapped to email, TTL 1 minute
  4. send email using study template to supplied email address
verifySessionemailSignIn(String email, String password, String tokenCriteriaContext context, SignIn signIn)
  1. Retrieve token from Redis using email
  2. If email or token missing, or token doesn't match supplied token, through throw 404
  3. Update password, if supplied
  4. Delete Redis entry
  5. Return a user session

Purpose

We want an easy web-to-native app transition that will allow users to complete the online portion of an app and then go to the application having all of their information remembered. 

First Install- Web to Native App

  1. User fills out survey on the web
  2. User signs up using their phone number (on the phone, or in the web page? I think this matters)
  3. SMS is sent which takes user to app store/googe play store so they can download the app
  4. After the app installed the information from the online portion is remembered (ex. consent has been filled out)

Alx: I don't think it's possible to do this. If you have documentation on this, please provide it. For example, branch.io is "fingerprinting" a device in order to re-establish state after an app install... I don't see how this will work if user starts on desktop, and then switches to their phone).

First Install- Native App to Native App

All of the steps above would be the same, except if the user had downloaded the app on their phone rather than starting at the website their magic link would take them directly

to inside the application.

Definitions

Deep Linking- points to content inside of an application, works if the app is installed

Deferred Linking- This takes users to a 'deferred' part of the application after install, non-specific to the user

Contextual Linking- Keeping information all the way through install, this is a seamless experience, best choice

Universal Linking- specific to iOS (only ios >9.0, ~85% of iphone users), makes it so that no hacky javascript is used to redirect the website to a URI link (my://) , requires SSL certificate

App Links- similar to apple version of universal linking. except android still accepts custom uri schemes in their mobile web browser, requires SSL certificate.

Intent-Filter-Link- Specific to android, no SSL certificate required, the dillemma here is that a disambiguation page is brought up and the user can choose to bring up another app instead. (ie. chrome could be a suggestion to open our website)

Web Requirements 

 1. SSL certificate- This is so that your app and website can be tied together, no other application can be suggested once this step is in place

 2.  ./well-known/ directory needs to be hosted on your website and two special files that are recognized by android and ios devices

ex: https://mPower.com/.well-known/<file-name depends on ios/android>

Note: "These two files will be downloaded automatically by every single user that installs or upgrades the app, its recommended that this file get hosted on a CDN

-Because this file is only fetched once when the user first installs or upgrades the app, this file must be live on your website before your app is released. This also means that you can’t add new deep linking url patterns to your app until you push out a new app update to force users to refresh the file."

          3.  You can match links using regex/direct paths/ or path prefixes for a response to get triggered. You can use only use URLs for ios, whereas android still allows for URI. 

URL:

https/mPower.com/...

URI:

mPower:// outdated for ios, apple made universal links for this reason

App Requirements

In both applications the implementation is fairly straightforward, Android Studio has a built in feature that allows you create and test domains on your app. iOS has docs that are also straightforward. Note: neither of these can be tested until the certiciate is in place.

Other Considerations

There are several cases when deep links won't work, links inside the Gmail, Inbox and Facebook apps for instance.

Linking Services

The main selling point of these services is that they allow for keeping information known through install (contextual linking). It has yet to be determined how difficult/or not difficult this is to do without their services. 

branch io

Examples of contextual linking with branch io, the 'magra' example shows an actual link that was texted to recieve an app install link

google firebase

Example of contextual linking  with google firebase here they show an example of how someone could open the app on the web like so:

   <ahref="https://abc123.app.goo.gl/?link=https://example.com/content?item%3D1234&apn=com.example.android&ibi=com.example.ios">
   Open this page in our app!</a>

      In this example we have the link embedded inside the web page, but for our purposes we would want it sent via sms.