Mobile SDKs
/
Android Kotlin
/
Advanced setup
Last updated

Android Kotlin advanced setup

In this guide, you'll find an overview and best practices for enabling advanced features and using built in functions for biometric authentication (passkeys) and step-up.

Passkeys authentication

Passkeys enable seamless, passwordless login with biometric authentication and WebAuthn. Follow these steps to integrate them manually using Frontegg's APIs.

Prerequisites

dependencies {
    implementation("androidx.browser:browser:1.8.0")
}

Register Passkey:

FronteggAuth.instance.registerPasskeys(activity!!) { error ->
    if (error != null) {
        Log.e("FronteggAuth", "Failed to register passkey: $error")
    } else {
        Log.i("FronteggAuth", "Passkey registered successfully")
    }
}

Login with passkey:

FronteggAuth.instance.loginWithPasskeys(activity!!) { error ->
    if (error != null) {
        Log.e("FronteggAuth", "Failed to login with passkey: $error")
    } else {
        Log.i("FronteggAuth", "Logged in successfully with passkey")
    }
}

Step-up authentication

Step-up authentication is a security feature that temporarily elevates a user's authentication level to perform sensitive actions, such as accessing personal data, making transactions, or changing security settings.

This guide describes how to use the isSteppedUp and stepUp methods in your Android application to ensure that your app handles sensitive actions securely by checking authentication status and prompting for re-verification only when necessary.

Please follow this guide for more details.

stepUp -

Triggers the step-up authentication process. Typically involves MFA or other user verification.


FronteggAuth.instance.stepUp(
    activity = this,
    maxAge = Duration.ofMinutes(5)
) { error ->
    if (error != null) {
// Handle authentication failure
        Log.e("StepUp", "Authentication failed", error)
    } else {
// Authentication succeeded, continue with sensitive action
        performSecureOperation()
    }
}

activity: The current Android Activity instance.

callback: A callback that receives an Exception if something goes wrong.

maxAge (optional): Same as in isSteppedUp, defines how long the step-up remains valid.

isSteppedUp -

This method whether the user has already completed a step-up authentication and is allowed to proceed.

val isSteppedUp = FronteggAuth.instance.isSteppedUp(maxAge = Duration.ofMinutes(5))

if (isSteppedUp) {
// Proceed with sensitive operation
} else {
// Trigger step-up
}

Example:

fun onSecureActionClicked() {
  if (FronteggAuth.instance.isSteppedUp(maxAge = Duration.ofMinutes(5))) {
    performSecureOperation()
  } else {
    FronteggAuth.instance.stepUp(this, Duration.ofMinutes(5)) { error ->
      if (error == null) {
        performSecureOperation()
      } else {
        Toast.makeText(this, "Step-up failed: ${error.message}", Toast.LENGTH_LONG).show()
      }
    }
  }
}

fun performSecureOperation() {
// Execute the action that requires elevated authentication
}