Alert EnterpriseWiki

HID — Apple Wallet issuance (iOS)

apple walletios20 steps6 actorsCandidate
20
Candidateoverall flow status
20/ 20 candidate
0%
steps cited
0 of 20 · plus flow-level
Triggers
  • User receives invitation email with credentials and AE Wallet App link
  • User signs into AE Wallet App on the device that will hold the credential
TLSAPI-keymTLSmTLSHIDHID Origo iOS S…serviceUseruserAlert EnterpriseAE Wallet AppserviceAlert EnterpriseAE NFC CloudserviceHIDHID OrigoplatformApple WalletApple Walletwallet1User opens AE Wallet App2Sign in (email + temporary password from invitation)3POST /authenticate/verifyCrosses trust boundary4api/auth/twofactor/generate (optional 2FA)5api/auth/verifyuser2f (validate OTP)6Auth token returned7Save token to iOS Keychain · enable biometric if available8api/mobilecred/user/me (get user profile)9api/binaryresource/download (cardholder photo)10User taps "Add to Apple Wallet"11api/mobilecred/card/add12Issue credential (POST /organization/{orgId}/users · Mobile ID)Crosses trust boundary13Issuance token14Issuance token relayed to app15createInitializedMobileKeysManager · listWalletPasses · getAvailableT…16origoKeysManager?.setupEndpoint (issuance token, target .appleWallet)Crosses trust boundary17Deliver Seos credential to Apple Pay (HID Origo Integration Service)Crosses trust boundary18Pass provisioned on device19api/mobilecred/card/save (mark issued)20Status confirmation
Hover steps or envelopes to inspect.
Trust boundary
Source
  • src/Architecture & Sequence Diagrams/Alert Enterprise - Mobile Credentials Flow - Internal_Engineering_Team.pptx slides 8-9 (HID iOS Credential Provisioning)
  • src/Architecture & Sequence Diagrams/Employee Badge in Apple Wallet Integration Architecture for HID.pptx HID-Apple architecture diagram
  • src/web/hid-origo-api/04-credential-management.md PPPU and setupEndpoint pattern
Verifying access
Desktop only

The AE Mobile Wiki needs a bigger screen.

The diagrams, comparisons, and animated flows aren't built for phones. Open this link on your laptop or desktop browser and you'll see the full reference.

wiki.alertenterprise.app

Same Google sign-in as the AE App Hub — you'll be in once you open it on a larger screen.