Authgear
HomeGet Started
Search…
Authgear Docs
Get Started
Choose your authentication approach
Web SDK
React Native SDK
Flutter SDK
Xamarin SDK
Android SDK
Android Kotlin coroutine support
Android OKHttp Interceptor Extension (Optional)
iOS SDK
Backend Integration
Strategies
User, Identity and Authenticator
WhatsApp OTP Login
Social & Enterprise Identity Providers
Biometric login
Anonymous Users
Integrate
Using SDK to call your application server
User Settings
User Profile
Reauthentication
How Authgear integrate with your applications
Single Sign-on on mobile devices
Force authentication on app launch
Account Deletion
Customize
Privacy Policy & Terms of Service Links
Branding in Auth UI
Custom domain
Custom Email Provider
Customer Support Link
Localization & UI Text
APIs
API for Client Applications (OIDC 2.0)
Admin APIs
Webhooks
Webhooks
Client App SDKs
Javascript SDK Reference
iOS SDK Reference
Android SDK Reference
Flutter SDK Reference
Xamarin SDK Reference
Deploy on your Cloud
Running locally with Docker
Deploy with Helm chart
Authenticating HTTP request with Nginx
Configurations
Security Concerns
Non-HTTP scheme redirect URI
tutorials
Passwordless demo user for Apple App Review
Single-Page App
Local Development Setup
Powered By GitBook
Android SDK
How to use authgear android SDK

Setup Application in Authgear

Signup for an Authgear Portal account in https://portal.authgearapps.com/. Or you can use your self-deployed Authgear.
From the Project listing, create a new Project or select an existing Project. After that, we will need to create an application in the project.
Portal
authgear.yaml (self-deployed)
Create an application
  1. 1.
    Go to Applications on the left menu bar.
  2. 2.
    Click ⊕Add Application in the top tool bar.
  3. 3.
    Input the name of your application, e.g. "MyAwesomeApp".
  4. 4.
    Under Authorized Redirect URIs, Click "⊕Add URI".
  5. 5.
    In your IDE (e.g. Android Studio), define a custom URI scheme that the users will be redirected back to your app after they have authenticated with Authgear, e.g. com.myapp.example://host/path.[^1]
  6. 6.
    Head back to Authgear Portal, fill in the Redirect URI that you have defined in the previous steps.
  7. 7.
    Click "Save" in the top tool bar and keep the Client ID. You can also obtain it again from the Applications list later.
  8. 8.
    (Optional) Click "Edit" if you wish to configure more authentication settings.
Could not load image
If you wish to validate JSON Web Token (JWT) in your own application server, select "Issue JWT as access token".[^2] If you wish to forward authentication requests to Authgear Resolver Endpoint, leave this unchecked. See comparisons in Backend Integration.
oauth:
clients:
- name: your_app_name
client_id: a_random_generated_string
redirect_uris:
- "com.myapp://host/path"
grant_types:
- authorization_code
- refresh_token
response_types:
- code
- none

Get the SDK

  1. 1.
    Add jitpack repository to gradle
    allprojects {
    repositories {
    // Other repository
    maven { url 'https://jitpack.io' }
    }
    }
  2. 2.
    Add authgear in dependencies. Use $branch-SNAPSHOT (e.g. main-SNAPSHOT) for the latest version in a branch or a release tag/git commit hash of the desired version.
    dependencies {
    // Other implementations
    implementation 'com.github.authgear:authgear-sdk-android:SNAPSHOT'
    }

Setup Redirect URI for Your Android App

Add the following activity entry to the AndroidManifest.xml of your app. The intent system would dispatch the redirect URI to OauthRedirectActivity and the SDK would handle the rest.
<!-- Your application configuration. Omitted here for brevity -->
<application>
<!-- Other activities or entries -->
​
<!-- Add the following activity -->
<activity android:name="com.oursky.authgear.OauthRedirectActivity"
android:exported="false"
android:launchMode="singleTask">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<!-- Configure data to be the exact redirect URI your app uses. -->
<!-- Here, we are using com.myapp://host/path as configured in authgear.yaml. -->
<!-- NOTE: The redirectURI supplied in AuthorizeOptions *has* to match as well -->
<data android:scheme="com.myapp"
android:host="host"
android:pathPrefix="/path"/>
</intent-filter>
</activity>
</application>

Initialize Authgear

Add the following code to your app's Application class. If there is none, add a class that extends Application. Make sure it is declared in AndroidManifest.xml's application tag with the name attribute as described here.
public class MyAwesomeApplication extends Application {
// The client ID of the oauth client.
private static final String CLIENT_ID = "a_random_generated_string"
// Deployed authgear's endpoint
private static final String AUTHGEAR_ENDPOINT = "http://<myapp>.authgearapps.com/"
private Authgear mAuthgear;
public void onCreate() {
super.onCreate();
mAuthgear = new Authgear(this, CLIENT_ID, AUTHGEAR_ENDPOINT);
mAuthgear.configure(new OnConfigureListener() {
@Override
public void onConfigured() {
// Authgear can be used.
}
​
@Override
public void onConfigurationFailed(@NonNull Throwable throwable) {
Log.d(TAG, throwable.toString());
// Something went wrong, check the client ID or endpoint.
}
});
}
​
public Authgear getAuthgear() {
return mAuthgear;
}
}

Authorize a user

Add the following code to your view model. Do NOT call these codes in activity as this can lead to memory leak when your activity instance is destroyed. You can read more on the view model in the official documentation here.
class MyAwesomeViewModel extends AndroidViewModel {
// Other methods
​
// This is called when login button is clicked.
public void login() {
MyAwesomeApplication app = getApplication();
app.getAuthgear().authorize(new AuthorizeOptions(
"com.myapp://host/path",
null,
null,
null,
null
), new OnAuthorizeListener() {
@Override
public void onAuthorized(@Nullable String state) {
// The user is logged in!
}
​
@Override
public void onAuthorizationFailed(@NonNull Throwable throwable) {
// Something went wrong.
}
});
}
}
The above call of authorize passes in the exact redirect URI as configured in the applications and manifest, the callback then indicates authorization success or failure. By default, the callback is called on the main thread.

Using the Access Token in HTTP Requests

Call refreshAccessTokenIfNeeded every time before using the access token, the function will check and make the network call only if the access token has expired. Include the access token into the Authorization header of your application request. If you are using OKHttp in your project, you can also use the interceptor extension provided by the SDK, see detail.
// Suppose we are preparing an http request in a background thread.
​
// Setting up the request, e.g. preparing a URLConnection
​
try {
authgear.refreshAccessTokenIfNeededSync();
} catch (OauthException e) {
// The token is expired.
}
String accessToken = authgear.getAccessToken();
if (accessToken == null) {
// The user is not logged in, or the token is expired.
// It is up to the caller to decide how to handle this situation.
// Typically, the request could be aborted
// immediately as the response would be 401 anyways.
return;
}
​
HashMap<String, String> headers = new HashMap<>();
headers.put("authorization", "Bearer " + accessToken);
​
// Submit the request with the headers...

Logout

To log out the user from the current app session, you need to invoke thelogoutfunction.
class MyAwesomeViewModel extends AndroidViewModel {
// Other methods
​
// This is called when logout button is clicked.
public void logout() {
MyAwesomeApplication app = getApplication();
app.getAuthgear().logout(.logout(new OnLogoutListener() {
@Override
public void onLogout() {
// Logout successfully
}
​
@Override
public void onLogoutFailed(@NonNull Throwable throwable) {
// Failed to logout
}
});
}
}

Next steps

To protect your application server from unauthorized access. You will need to integrate your backend with Authgear.

Android SDK Reference

For detailed documentation on the Flutter SDK, visit Android SDK Reference​

Footnote

[^1]: For futher instruction on setting up custom URI scheme in Android, see https://developer.android.com/training/app-links/deep-linking [^2]: For more explaination on JWT, see https://en.wikipedia.org/wiki/JSON_Web_Token​
Get Started - Previous
Xamarin SDK
Next
Android Kotlin coroutine support
Last modified 1mo ago
Copy link
Outline
Setup Application in Authgear
Get the SDK
Setup Redirect URI for Your Android App
Initialize Authgear
Authorize a user
Using the Access Token in HTTP Requests
Logout
Next steps
Android SDK Reference
Footnote