Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Android SDK

Authenticate users implicitly

search

Authenticate users implicitly

The Android SDK allows you to authenticate users implicitly (without user interaction) using the device credentials. You can use it only for regular authentication, mobile authentication is not supported. Before you start using the implicit authentication, you have to manually enable it in the client configuration in the IDAAS-core.

Note

Only one user can be implicitly authenticated at a time. Implicitly authenticating another user will cause the current implicitly authenticated user to be logged out.

Determine if user exists

The UserClient contains the getUserProfiles method, which returns a set of all registered UserProfile value objects. If the method isRegisteredAtLeastOneUser returns false, it means no user is authenticated on the device. If the user is not registered, the user must register before they will be able to login.

Example code - verify device has a registered user

    private boolean isRegisteredAtLeastOneUser() {
    final Set<UserProfile> userProfiles = OneginiSDK.getOneginiClient(this).getUserClient().getUserProfiles();
    return userProfiles.size() > 0;
    }

Implicitly login registered user

If a user is authenticated, you can implicitly log in that user using the authenticateUserImplicitly method from the UserClient. This method requires three arguments:

  • UserProfile is the UserProfile to implicitly authenticate.
  • String[] is the list of scopes to request. It should be a subset of the scopes already granted to the UserProfile during registration, or null if you want to request all the scopes granted during user registration.
  • OneginiImplicitAuthenticationHandler is the implicit authentication handler to return the authentication result to.

The result of the implicit authentication is an access token. The implicit authentication handler contains:

  • onSuccess is the method that lets you know that authentication was finished successfully. At this point, you can request data on behalf of the user.
  • onError is the method that is called in every other case.

UserClient contains a getImplicitlyAuthenticatedUserProfile method that returns the current implicitly authenticated UserProfile object, or null if no user is implicitly authenticated.

Example code - implicitly log in registered user

private void loginUserImplicitly(final UserProfile userProfile) {
    OneginiSDK.getOneginiClient(this).getUserClient()
        .authenticateUserImplicitly(userProfile, new String[]{ "read" }, new OneginiImplicitAuthenticationHandler() {
          @Override
          public void onSuccess(final UserProfile profile) {
            //user has been logged in
          }

          @Override
          public void onError(final OneginiImplicitTokenRequestError oneginiImplicitTokenRequestError) {
            //handle implicit authentication errors
          }
        });
  }

Check which user is implicitly authenticated

UserClient contains a method getImplicitlyAuthenticatedUserProfile that returns the currently implicitly authenticated UserProfile object or null if no user is implicitly authenticated.

On this page