Switch to dark theme

Switch to light theme

SDK Authentication


SDK authentication involves the generation of authentication token on both Android and iOS platforms. The token generation process involves generating and configuring the key-pair. The private key of the key-pair is responsible for signing the authentication token.

About Maven repository

In general, a Maven repository holds build artifacts and dependencies of varying types. The maven repositories are of two types such as local and remote.

  • The local repository is a directory on the computer where Maven runs.

  • A remote repository is accessible externally by using a variety of protocols such as file:// and https://.

Local and remote repositories are structured the same way so that scripts can run on either side, or they can be synced for offline use. However, the layout of the repositories is completely transparent to any Maven user.

Before you begin

Take care of the following prerequisites before you move to SDK authentication process:

  1. Add the following Maven repository URLs in the POM file of your project.

Maven repositories

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
    <project>
    ...
      <repositories>
      <repository>
      <id>apollo-maven</id>
    <name>Apollo maven</name>
      <url>http://172.16.64.117:8081/nexus/content/repositories/releases/'</url>
    <username>my_login</username>
      <password>my_password</password>
    </repository>
      <repository>
    <id>apollo-maven-snapshots</id>
    <name>Apollo maven snapshot</name>
    <url>http://172.16.64.117:8081/nexus/content/repositories/snapshots/'</url>
    <username>my_login</username>
    <password>my_password</password>
    </repository>
    </repositories>
    ...
    </project> 

Use the same credentials, as shared for the Android SDK’s Maven repository, to access the Maven repository.
  1. Add the following dependencies in your project.

Dependencies

1
2
3
  <groupId>in.zeta.apollo</groupId>
  <artifactId>tenant-commons</artifactId>
  <version>1.1</version> 

  1. Ensure that you receive the private key along with a token generation logic.

How to generate an authentication token?

The SDK authentication process involves generation of authentication token. This token must be generated on the server-side as it involves signing the data with a private key. The authentication token must be generated and passed on to the SDK during runtime.

We recommend the following to be taken care during authentication token generation:

  • Please ensure to keep the private key confidential. Therefore, the token generation logic should sit in the backend.

  • Update the token at every app launch. This ensures hassle-free creation of the authentication token whenever needed.

  • Always send a non-expired token while requesting authentication.

JWT token generation

1
2
3
4
5
6
  String jwtToken = AsymmetricJwtTokenGenerator.generateJWT(
                   <<issuerId>>,
                   <<base64EncodedPrivateKey>>,
                   <<algorithm>>,
                   <<claims>>,
                   <<expiryEpochTimeInMilliseconds>>);

Parameter description

  • issuerID: Unique identifier of the issuer. An issuer can be a company or a business domain. For example, Zeta.

  • base64EncodedPrivatekey: A private key of the key-pair generated during SDK authentication process. It is responsible for signing the data for the authentication token generation.

  • algorithm: Algorithm used for key-pair generation. C urrently, we support EC algorithm.

  • expiryEpochTimeInMilliseconds: Expiration time of the token. This time is mentioned as an epoch time in milliseconds.

  • claims: Claims are statements based on declarations made by the tenant in authentication token. You can add the claims in the SDK integration with Object type Map<String, Object>.

Sample Map for claims

1
2
3
  {
     'tenantUniqueVectorId': '<unique identifier for the app user>'
  } 
  • tenantUniqueVectorId: Unique identifier of the tenantUniqueVector generated by the tenant. This ID and the signature are verified during generation of authentication token.