A device can also be configured to have two options available for secondary authentication. After entering login credentials, the authentication flow proceeds to the screen to setup or train recognition for the primary secondary authentication method, as configured by useSecondaryAuth (i.e. create and confirm a PIN, scan an NFC tag, etc. ). If configured with a different value for alternateSecondaryAuth, the screen will include an option to switch to training the alternative reauthentication method.

Once one of the two secondary authentication options is selected and trained, the authentication flow will proceed to the logged-in state. Upon unlocking the device from sleep, only the reauthentication method that was selected and trained - primary or alternate - will be available to unlock the device.

Configuration

The following key-value pairs can be set within the settings object of the Launcher configuration JSON file.