SDKs for Android / General information

General information

The solution for user login and registration is based on the Login product. Authentication settings for your project are available in Publisher Account in the Login section.

How-tos

Learn about advanced setups from our how-tos.

How to set up OAuth 2.0 authentication

Notice
Use this how-to when working with the Login library.

OAuth 2.0 uses short-lived tokens with long-term authorization (refresh tokens) instead of long-lived tokens. A refresh token allows users to stay in your application for an extended period of time without needing to re-enter their username and password. This eliminates the risk of compromising user authentication data.

Set up OAuth 2.0 for authorization:

  • via username or email and password
  • via social networks

If this option is enabled, user registration and authentication is carried out by calling the Register new user and JWT auth by username and password API calls. The Login library provides the same methods for OAuth 2.0 authorization as for JWT token authorization.

Note
Enabling this setting doesn’t change the authentication process in your application for the user.

To configure OAuth 2.0 authorization:

  1. Set up OAuth 2.0 authentication for Login project in your Publisher Account.
  2. Initialize the library.

Set up OAuth 2.0 authentication for Login project in your Publisher Account

  1. Go to your Publisher Account.
  2. Click Login in the side menu.
  3. Click Configure in the Login project pane.
  4. Go to the Security block and select the OAuth 2.0 section.
  5. Click Add OAuth 2.0.
  6. In the OAuth 2.0 redirect URIs field, specify the URL or path in the application to which users are redirected after they have successfully authenticated, confirmed their email, or reset their password.
  7. Click Connect.
  8. Copy and save the Client ID.

Initialize the library

To initialize the library, add the following line to your Android project source code, specifying the following parameters:

  • login-project-idLogin ID found in Publisher Account > Login settings > Login ID.
  • oauth2-client-idClient ID received when setting up OAuth 2.0 in Publisher Account.

Copy
Full screen
Small screen
val loginConfig = LoginConfig.OauthBuilder()
                .setProjectId("login-project-id")
                .setOauthClientId("oauth2-client-id")
                .build()

XLogin.init(applicationContext, loginConfig)

The following methods are implemented in Login library to work with refresh tokens:

  • XLogin.refreshToken — refreshes the token.
  • XLogin.getToken — returns the current token.
  • XLogin.isTokenExpired — returns true if the token is expired.

Was this article helpful?
Thank you!
Is there anything we can improve? Message
We’re sorry to hear that
Please explain why this article wasn’t helpful to you. Message
Thank you for your feedback!
We’ll review your message and use it to help us improve your experience.
Hide

How to set up token invalidation

Notice
Use this how-to when working with the Login library.

Token invalidation allows for improved security of user authentication data in your application. If the option is enabled, a new token replaces the old one that becomes invalid every time the user authenticates.

Note
You can configure token invalidation for authentication that uses a JWT token. For OAuth 2.0 authentication, token invalidation is provided by the protocol itself and does not need to be configured separately.

When using the Login library, invalidation of the existing token and generation of a new one is made by calling Auth by username and password and Auth via social network API calls, if the with_logout parameter has the 1 value.

To use token invalidation in your Android project, you need to pass the withLogout = true parameter in the XLogin.login, XLogin.startSocialAuth, and XLogin.finishSocialAuth methods.

Was this article helpful?
Thank you!
Is there anything we can improve? Message
We’re sorry to hear that
Please explain why this article wasn’t helpful to you. Message
Thank you for your feedback!
We’ll review your message and use it to help us improve your experience.
Hide

Continue reading

Last updated: September 9, 2022

Found a typo or other text error? Select the text and press Ctrl+Enter.

Report a problem
We always review our content. Your feedback helps us improve it.
Provide an email so we can follow up
Thank you for your feedback!