Local Authentication Guidelines and Rules

Hi,

I would like to know the guidelines or rules regarding the implementation of Local Authentication. My client requirements are:

  1. After the user login in with username and password, reset password, it will then authorize face id or passcode to be able to access/navigate the app.

  2. Subsequent access will also require face id or passcode to access the app.

  3. Clicking app notifications when app is closed will require face id or passcode to access app.

Is this a proccess allowed by Apple?

Thanks

Local Authentication Guidelines and Rules
 
 
Q