UserIntent / User Statuses and OAuth Module Flows
Related Guides: Guide to Astra's SDK
When a UserIntent is sent to Astra by way of the
POST /v1/user_intent endpoint, the UserIntent will yield a status. The majority of
pending UserIntents will be automatically
approved and the end-user will only need to Authenticate and Authorize in the Astra OAuth Module.
rejected UserIntents, there is no need to send the end-user into the Astra OAuth Module, as they will be unable to use our services.
Sometimes a UserIntent will yield a
retry status. This occurs if we cannot fully verify the identity of a User. Most of the time this happens due to an end-user accidentally entering their information incorrectly. When this occurs, an end-user will need to go through the corresponding Document or Retry flows in our OAuth Module. In some cases, an end-user will be sent through both flows. To better illustrate all of the possible scenarios, please refer to the diagram below that outlines a UserIntent passing through the various statuses related to our security checks.
UserIntent vs. User Object
Once an end-user authenticates, a User object will be created, their UserIntent will become
converted_to_user. The newly created User object will inherit the previous UserIntent status. For example, in the event an end-user Authenticates and Authorizes, but their UserIntent was previously in
document, the User object will now have the
document status applied to it. This means the end-user will either be redirected to the Document flow automatically or sent through the Document Flow the next time they enter the OAuth Module.
The diagram below depicts an end-user authenticating and their associated UserIntent changing status as a result.
OAuth Module Flows
All end-users must to go through the Astra OAuth Module to Authorize your application to make money movements on their behalf via Astra. In most cases, end-users will only need to Authenticate and Authorize, but sometimes they'll need to go through the Document and/or Retry Flows. What does each Astra OAuth Module flow look like? Below is an outline of all the OAuth Module screens an end-user may encounter depending on the status of their UserIntent or User object. Use our SDK Generator, located in your Astra Dashboard to generate the URL for each flow below.
Updated 4 months ago