Android
Signicat offers a mobile SDK to easily connect Android devices to the Signicat Identity Broker. Here is how to integrate the Android SDK into your application.

Requirements

The requirements for the Android SDK are:
  • the Android SDK is build with androidx. Therefore. you must have an androidx application to use the AndroidSDK
  • minimum API level: 23
  • if you have a Java based Android application, you must include the "org.jetbrains.kotlin:kotlin-stdlib:1.3.50" dependency to your project
  • The target phone's default browser must support cookies, otherwise a browser that supports cookies must be set as default

Quick Start

To start using the Android SDK:
  • include the "android-sdk-${version}.aar" library in your project
  • set up app links for your application by following the next section
The Android SDK uses app links as a mechanism for connecting to the broker. For this reason, an app link configuration needs to be set up on your tenant. This can be easily configured from the UI by filling in the Android App package name and fingerprint under your service provider configuration.
Once the configuration is done, you can view the result at:
https://YOUR_TENANT_DOMAIN/.well-known/assetlinks.json
This will take care of the web server configuration. Now in order for your app to work you will need to configure the activities matching the URLs (the demo example provides the configuration already) inside your Android manifest and to make sure you have autoVerify true.
1
<activity
2
android:name="SDK_ACTIVITY"
3
android:windowSoftInputMode="stateHidden">
4
<intent-filter android:autoVerify="true">
5
<action android:name="android.intent.action.VIEW" />
6
7
<category android:name="android.intent.category.DEFAULT" />
8
<category android:name="android.intent.category.BROWSABLE" />
9
10
<data
11
android:scheme="https"
12
android:host="YOUR_TENANT_DOMAIN"
13
android:pathPrefix="PATH_PREFIX" />
14
</intent-filter>
15
</activity>
Copied!
SDK_ACTIVITY, YOUR_TENANT_DOMAIN and PATH_PREFIX will need to be filled in with the appropriate values (Please follow the demo application).

API

The Android SDK offers 3 basic methods that can be called from the base class: "com.connectis.sdk.ConnectisSDK".

Login

1
fun login(
2
sdkConfiguration: ConnectisSDKConfiguration,
3
caller: Context,
4
delegate: AuthenticationResponseDelegate,
5
errorResponseDelegate: ErrorResponseDelegate? = null
6
allowDeviceAuthentication: Boolean = false
7
)
Copied!
Where ConnectisSDKConfiguration is a basic data class:
1
data class ConnectisSDKConfiguration(
2
val issuer: String,
3
val clientId: String,
4
val redirectUri: String,
5
val scopes: String? = null,
6
val brokerAppAcs: String? = null,
7
val brokerDigidAppAcs: String? = null,
8
val loginFlow: LoginFlow = LoginFlow.WEB
9
)
Copied!
and AuthenticationResponseDelegate is a interface where you can handle the response:
1
interface AuthenticationResponseDelegate{
2
fun handleResponse(authenticatonResponse: AuthenticationResponse)
3
fun onCancel()
4
}
Copied!
the AuthenticationResponse is the class you will receive after a login was made in the CIB.
1
data class AuthenticationResponse(
2
val isSuccess: Boolean,
3
val error: String?,
4
val nameIdentifier: String?,
5
val attributes: List<Attribute>
6
)
Copied!
Properties definition:
  • issuer - the endpoint of the CIB that you want to connect to. Given by Connectis Technical Support.
  • clientId - the client-id that you provided to Connectis Technical Support.
  • redirectUri - must be set to the app link value
  • scopes - can be set if you want to do idp scoping (bypass the idp selection screen or for app2app)
  • brokerAppAcs - must be set for app2app openid: broker endpoint for processing app2app openid flows
  • brokerDigidAppAcs - must be set for app2app DigID: broker endpoint for processing app2app DigID flow
  • loginFlow - can be set to either WEB or APP_TO_APP, default is WEB
  • caller - The activity context where you call the ConnectisSDK from
  • delegate - your implementation of the AuthenticationResponseDelegate interface
  • errorResponseDelegate - optional implementation for handling errors (if none is provided, exceptions will be thrown on error)
  • allowDeviceAuthentication - true if you wish to enable device authentication in your application, false otherwise

OpenId Access Token

The API provides access to a valid OpenId access token
1
fun useAccessToken(
2
caller: Context,
3
accessTokenDelegate: AccessTokenDelegate
4
)
Copied!
where AccessTokenDelegate is an interface:
1
interface AccessTokenDelegate {
2
fun handleAccessToken(accessToken : Token)
3
fun onError(errorMessage: String)
4
}
Copied!
Note: for security reasons, the OpenId Access Token should be treated as a secret in the software.

Device Authentication

The Android SDK offers the possibility to authenticate the users, once the user logged in at least once, using the mobile phone device authentication supported methods(face unlock, fingerprint, pin code)
To enable the device authentication flow call the following method after the user logged in using the CIB:
1
fun enableDeviceAuthentication(originalContext: Context)
Copied!
If you wish to disable the device authentication you can call the following function:
1
fun disableDeviceAuthentication(originalConte
Copied!
Last modified 4mo ago