Authenticate user implicitly
Introduction
The SDK allows you to authenticate users implicitly (without user interaction) using the device credentials. It is less secure, but more convenient option to use if you want to fetch user specific resources with limited access. You can use it only for regular authentication, mobile authentication is not supported. Before you start using the implicit authentication, you have to manually enable it in the client configuration in the Token Server. Implicit authentication doesn't affect regular authentication, so you can implicitly authenticate a user regardless if any user is currently authenticated.
Only one user can be implicitly authenticated at a time. Implicitly authenticating another user will cause the current implicitly authenticated user to be logged out.
Determine if we can login user implicitly
The UserClient
contains the getUserProfiles
method which returns set of all registered UserProfiles. You can check size of that set to
determine if there is possibility to implicitly login.
If the method isRegisteredAtLeastOneUser
from the example below will return false
you can assume that no user is authenticated on the device. In that
case user have to register before implicitly logging in.
Example code
You can also use UserClient#isUserRegistered()
method in order to check if specified user is registered on the device.
Implicitly login registered user
When at least one user has already registered there is possibility to implicitly login that user using authenticateUserImplicitly
method from
the UserClient
. This method requires three arguments:
UserProfile
the UserProfile that we want to implicitly authenticate,String[]
the list of scopes that we want to request, it should be a subset of the scopes already granted to the UserProfile during registration ornull
, if you want to request all the scopes granted during user registration,OneginiImplicitAuthenticationHandler
the implicit authentication handler to return the authentication result to.
The result of the implicit authentication is an access token. The implicit authentication handler contains:
- an
onSuccess
method which lets you know that authentication was finished successfully - at this point, you can request data on behalf of the user, - an
onError
method which is called in every other case.
You can find more information about authentication in User authentication section.
Example code
For more info on error handling see the Error handling topic guide.
Checking which user is implicitly authenticated
UserClient
contains a method getImplicitlyAuthenticatedUserProfile
which returns the currently implicitly authenticated UserProfile object or null if
no user is implicitly authenticated.