Skip to content
Prefactor Docs

Understanding pools

Pools are a collection of identities and associated information. Each one operates according to a configurable ruleset, and they are independent from each other. The same identity details can be registered in multiple pools (and will form a different identity in each). This can be useful in a number of situations, for example:

  • your application has separate concepts of “user” and “admin user”; you can have different rules for each
  • you want each tenant in a B2B system to be fully isolated, and potentially have different security requirements

Prefactor gives you the flexibility to find a design that suits your application.

Orienting yourself

Section titled “Orienting yourself”

On the pools screen, the navigation drops down a level and there are several sub-screens:

  • Pool overview: this screen
  • Identities: all the unique identities registered in this pool.
  • Devices: all the devices that have been used to access this pool. Managed using long-lived cookies.
  • Sessions: all the sessions that have been created to access this pool. These are shorter lived, start when the user first arrives and remain the same when the user authenticates. They are ended when the user logs out; a new session will be started the next time the user returns.
  • Authflows: all authflows that have been started within this pool. Each time a user starts a login process, changing their password etc, an authflow is created.

Identities

Section titled “Identities”

The identities page shows you all the identities that have been registered in this pool. For each identity you can see their details, any associated metadata, their factors and when they were last seen.

Devices

Section titled “Devices”

The devices page show you all the devices that have accessed this pool. For each device you can see the device type (browser/API) and when it was last seen.

Sessions

Section titled “Sessions”

The sessions page shows you all the sessions that have been created in this pool. For each session you can see the session type (browser/API) and when it was started/last active.

If the session is authenticated, you can see which identity was authenticated and the method used.

You can also revoke the session, which will mean the user will need to re-authenticate.

Authflows

Section titled “Authflows”

Every time a user starts a login or registration process, an authflow is created. This page shows you all of those flows. For each one you can see some of the factors used, and time of last activity.