You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

In this document we offer some tips and considerations to optimise your login and regsitration flow:

1. Should you store data or not?

When using Additional Information with xID and you want to store the user data, you should only request additional data when you consider it is necessary to update your own database. In this case we recommend the following workflow:

  1. First use xID to recognise and authenticate the user without requesting additional data.
  2. After authentication has been done, you should check your local storage to see if it is necessary to request additional data about the user. 
    1. Maybe the user is new in your system.
    2. Maybe the data you already have about the user is outdated.
    3. Or maybe this is the first time the user is executing an action that requires additional user information.

Note that in this scenario it is necessary to make two xID transactions. In the first step it might be convenient to apply the XID:unsolicited:nodialog login hint

On the other hand, if you don't want to store the user data, you may want to request Additional Information more often.

One option is to first use xID to authenticate the user without the need for Additional Information. Then, you can request Additional Information at a later time when it is necessary in the workflow, for instance during a checkout prosess. In this use case the id_token_hint option shold be used for the second request,

Another option is to postpone the authentication of the user until you know it is necessary to request Additional Information. In this case only one transaction will be sufficient.

2. How often should you collect user data?

What is the purpose of collecting the users data? You should consider these different cases:

  1. Signing up - registering a profile at your website
  2. Prefilling forms
  3. Personalise and customise your website

Remember that getting user data from Additional Information will return a consent dialogue every time. You decide if you want to save the information you get on the user, or ask for this every time the user is to for example prefill a form.

It is currently not possible to get updates automatically on the users data if the user is to change his Additional Information, let's say if he decides to move or changes his phone number. You can currently only get updated information on the user when he is at your website using the applications where you have enabled Additional Information.

3. Should you prefill or lock the user data in forms?

The guidelines for xID regarding this applies to Additional Information as well: Best practices

  • No labels