Getting Started

Architecture and Components

This document details out the high level system architecture, networking and components. It should help you gain an understanding of the role and responsibility each component is playing.

Pinn architecture diagram

A. Your App

In order to integrate Pinn, your organization must have an iOS and/or Android application to embed our mobile SDKs into.

Responsibilities:

  • Calling the Pinn SDK at the appropriate times to present enrollment and authentication user experience
  • Passing the Pinn ID Token to your backend in order to be granted a session or have an action approved
  • Managing your users and their session locally on the application

Networking:

  • Your application must be able to send data over TLS/SSL to your backend

B. Pinn Mobile SDK (iOS|Android)

Pinn's mobile SDKs are responsible for enrolling and authenticating the user (using any auth factors provided by Pinn).

Responsibilities:

  • Calling the Pinn SDK at the appropriate times to present enrollment and authentication user experience
  • Passing the Pinn ID Token to your backend in order to be granted a session or have an action approved
  • Managing your users and their session locally on the application

Networking:

  • Our SDK will automatically connect over HTTPS to the Pinn web services

C. Your Site

Optionally, if you have a site where you would like to leverage Pinn auth you can embed our Web SDK to push the auth out-of-band to your iOS or Android app.

Responsibilities:

  • Embedding the Pinn Web SDK to present a web authentication experience
  • Managing your users and their session locally with the browser

Networking:

  • Your application must be able to send data over TLS/SSL to your backend

D. Pinn Web SDK

The Pinn Web SDK can be directly embedded into your site to authenticate users trying to access protected resources via the browser.

Responsibilities:

  • Displays a dynamic and real-time authentication experience while the user authenticates on their mobile device
  • HTTP form post an ID Token to your backend endpoint

Networking:

  • Our SDK will automatically connect over HTTPS to the Pinn web services

E. Your Backend

In order to integrate Pinn, you must have a backend that is capable of calling the Pinn REST API directly, this typically is either your app backend, or a dedicated authentication server for your site and services.

Responsibilities:

  • Creating users in your system, and calling the Pinn REST API to create a Pinn user
  • Generating Enrollment Keys
  • Verifying the authenticity of ID Tokens signed by Pinn

Networking:

  • Must network with your app as well as your site
  • Must network with the Pinn API via REST

F. Pinn REST API

Our REST API is called directly by your backend and also networks seamlessly with both our Web and Mobile SDKs. You are responsible for integrating your backend with our REST API in order to integrate. If you are a backend developer you should read the documentation on our most critical and necessary to implement API operations:

?

Questions?

We are here to help! Contact us with any development related questions at dev@pinn.ai and we'll reach back in a timely manner.