CIBA Overview
The BindID OIDC CIBA implementation allows you to integrate CIBA flows into a server app, so you can easily perform out-of-band authentication, such as for authentication flows initiated by IVR systems or Call Centers. You can also use CIBA flows in your web applications to create a link for use in native desktop to mobile authentication flows, instead of sending end users to the BindID QR screen to authenticate.
Here's how it works for server apps:
- Your server app invokes the /authorize_ciba endpoint to retrieve a link that can be presented to the user (for example, as a QR code).
- When the end user opens the link, an out-of-band authentication flow is initiated on the user's device.
- Your server app retrieves the ID and access tokens from the /token endpoint, either by polling or by subscribing to receive a notification when they’re ready.
- Your server app validates the user tokens.
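The polling option in the third step, as an added example that is not BindID's own code. It assumes the standard OpenID CIBA Core polling behavior (the `urn:openid:params:grant-type:ciba` grant type, an `auth_req_id` request identifier, and the `authorization_pending` / `slow_down` error codes), none of which are stated on this page; `post_token` is a hypothetical transport callable and all sample values are constructed.

```python
import time

CIBA_GRANT = "urn:openid:params:grant-type:ciba"  # grant type from OpenID CIBA Core


class CibaError(Exception):
    """Terminal failure: the user denied, the request expired, or the call was invalid."""


def poll_for_tokens(post_token, auth_req_id, interval=5, expires_in=120,
                    sleep=time.sleep, clock=time.monotonic):
    """Poll /token until the out-of-band authentication finishes.

    post_token is a hypothetical callable that sends the form to the /token
    endpoint (with client authentication) and returns the parsed JSON body.
    """
    deadline = clock() + expires_in
    form = {"grant_type": CIBA_GRANT, "auth_req_id": auth_req_id}
    while True:
        body = post_token(form)
        if "id_token" in body and "access_token" in body:
            return body                       # tokens still have to be validated
        error = body.get("error")
        if error == "slow_down":
            interval += 5                     # spec: back off by at least 5 seconds
        elif error != "authorization_pending":
            raise CibaError(error or "malformed token response")
        if clock() + interval > deadline:
            raise CibaError("expired_token")  # local deadline: stop polling a dead request
        sleep(interval)


def demo():
    """Constructed responses standing in for the real /token endpoint."""
    replies = iter([{"error": "authorization_pending"}, {"error": "slow_down"},
                    {"id_token": "constructed.id.token", "access_token": "constructed"}])
    now, waits = [0.0], []

    def fake_sleep(seconds):
        waits.append(seconds)
        now[0] += seconds

    tokens = poll_for_tokens(lambda form: next(replies), "constructed-req-id",
                             sleep=fake_sleep, clock=lambda: now[0])
    return tokens, waits


if __name__ == "__main__":
    print(demo())
```

Any error other than `authorization_pending` or `slow_down` ends the loop, so a denied or expired request is never retried.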