Skip to main content

Android

Prerequisites

Passkeys

On Android, passkeys are implemented using the Credential Manager API and synced via Google Password Manager. Passkeys are supported only on devices running Android 9 (API 28) or higher.

To use passkeys on Android you must setup a Digital Asset Links JSON file on your web domain.

  1. Host an assetlinks.json file on the domain that matches your relying party:

    GET https://<yourrelyingparty>/.well-known/assetlinks.json

  2. The response JSON should look something like this:

    [{
     "relation": ["delegate_permission/common.get_login_creds"],
     "target": {
       "namespace": "android_app",
       "package_name": "com.example",
       "sha256_cert_fingerprints": [
         "FA:C6:17:45:DC:09:03:78:6F:B9:ED:E6:2A:96:2B:39:9F:73:48:F0:BB:6F:89:9B:83:32:66:75:91:03:3B:9C"
       ]
     }
    }]

    but with the package name and SHA256 fingerprint updated to match your own app.

Installation

Ensure that you have mavenCentral listed in your project's buildscript repositories section:

buildscript {
  repositories {
    mavenCentral()
    ...
  }
}

Add the following to your app's build.gradle file:

Passkeys

implementation 'com.authsignal:authsignal-passkey-android:0.1.3'

Push

implementation 'com.authsignal:authsignal-push-android:0.2.3'

Initialization

Passkeys

import com.authsignal.passkey.AuthsignalPasskey
...

val authsignalPasskey = AuthsignalPasskey("YOUR_TENANT_ID", "YOUR_REGION_BASE_URL")

Push

import com.authsignal.push.AuthsignalPush
...

val authsignalPush = AuthsignalPush("YOUR_TENANT_ID", "YOUR_REGION_BASE_URL")

You can find your tenant ID in the Authsignal Portal.

You must specify the correct base URL for your tenant's region.

RegionBase URL
US (Oregon)https://api.authsignal.com/v1
AU (Sydney)https://au.api.authsignal.com/v1
EU (Dublin)https://eu.api.authsignal.com/v1

Passkeys

For more detail on passkeys refer to our getting started guide.

Registering a new passkey

val result = authsignalPasskey.signUp(token, userName)

Authenticating with an existing passkey

val result = authsignalPasskey.signIn()

Push

Adding a device credential

Adding a new credential must be authorized with a short-lived token. You can obtain this by tracking an action which will return a token in the response. This should be done at a point in your application when the user is strongly authenticated.

authsignalPush.addCredential(token)

Removing a device credential

authsignalPush.removeCredential()

Getting a challenge

val challengeId = authsignalPush.getChallenge()

Updating a challenge

val approved: Boolean = true // true if the user has approved the challenge

authsignalPush.updateChallenge(challengeId, approved)