Desktop path
Desktop app
Best fit when the Aegir desktop app is installed and local secure unlock is available.
Current Path
Existing user sign-in
Sign in with Aegir and let the platform route you through the best trusted path available.
Beta-1 supports desktop app, mobile push, and QR handoff. If more than one identity is available, the user can choose whether the session returns as an Aegir-native login or through a supported federated provider.
Provider choice
When more than one trusted identity is available, the user should choose the provider intentionally.
Return mode
Beta-1 supports both an Aegir-native return path and an OIDC bridge handoff.
Mobile path
Mobile push
Use the Aegir mobile app when the user prefers device biometrics on their phone.
Fallback Available
Fallback path
QR handoff
Fallback to a QR-driven phone handoff when the user needs to move the trust event across devices.
Fallback Available
Current session status
Choose the path that best matches the device you trust today.
This page is the Beta-1 existing-user sign-in surface. It reflects the intended orchestration contract without pretending the full handoff backend is already live.
- Desktop app is the default path because it keeps the user on the strongest immediate trusted-device route.
- Mobile push and QR remain first-class Beta-1 options rather than afterthoughts.
- Provider choice stays explicit so Aegir can authenticate the user once and then feed the selected identity outward.
Fallback behavior
When a path is unavailable, the user should always have a credible next step.
- If desktop is unavailable, the user should be offered mobile push without losing provider or return-mode intent.
- If mobile push cannot complete, the user should be offered QR handoff to the same device trust flow.
- If no trusted path is available, the user should be told to install or open the Aegir desktop or mobile app.
- If more than one identity is available, provider choice should happen before the final return handoff.