Journey steps

The journey is composed of a series of steps you define using a graphical user interface. These steps can be classified into the following types:

  • User interactions : These steps are always client-facing (require client-side code) and allow for collecting information from the user or presenting authentication methods. Examples include:
  • System execution : These steps either perform backend tasks or are implicitly handled by the Orchestration SDK without any user interaction. E.g., updating or inserting data into user profiles ( Register Email , Register device ).
  • Device operations : Steps for checking device operations include:
    • Checking the status of devices and authenticators (e.g., Known Device Status )
    • Cryptographic binding and verification
    • Requests for device information and risk signals (e.g., Risk recommendation )
  • Web services : You can define external HTTP calls as connectors configured in the Integration hub . These calls include:
    • URL definitions, headers, HTTP methods, and more
    • Data transformations for sending and receiving responses from external services.
  • Expressions : These steps allow running authscript and typescript code, as well as running requests via Mosaic APIs
  • Calculations and flow control structures . Some steps involve:
    • Performing calculations based on user input, external service results, or previous steps.
    • Utilizing control structures such as conditions, loops, and alternate branches to guide the flow ( While loop , Complete journey , Reject access ).

Client SDK and SSO journeys can include both user interaction and system execution steps, allowing for seamless interaction between the user and the server. Depending on the specific purpose of the journey, Client SDK and SSO journeys might emphasize client-side steps, such as in user authentication flows, while backend steps handle server-side data processing. This flexibility allows Client SDK and SSO journeys to combine both types of steps as needed.