Skip to main content

How it works

In a nutshell, Authsignal works via our simple track call made from your application server. You can send these calls wherever you need to track users’ actions which may need to be gated behind an MFA challenge.

The result of a track call will tell you whether the action needs to be challenged or blocked or if it can be let through. This decision is determined by rules which can be configured via the Authsignal Portal. We’ve made made it easy by suggesting some pre-defined rules which are often a sensible default for actions like signing in; but you can configure these rules to be as simple or as complex as your application requires.

The diagram below illustrates the flow of api calls and checks for a typical challenge flow integration with Authsignal.

A flow diagram showing how Authsignal works