-
Notifications
You must be signed in to change notification settings - Fork 1
Authenticating a user
The Lithium Community Android SDK supports Lithium Registration and LithiumSSO authentication options. After you authenticate, you can make calls to the Community REST APIs (v1 and v2) on behalf of the logged-in member or anonymous visitor. You must call the authentication flow explicitly in your code. An anonymous user will receive a 401 error (Unauthorized) if the user attempts to perform an action that he or she does not have permission to do. We show an example of how to check for a 401 error and how to start the login flow when attempting to perform an unauthorized action in in our Tutorial guide.
As we describe in Getting Started with the Community Android SDK, authentication must be launched explicitly in your code. You might include it in your initialization code, or trigger the flow at some point after you have initialized the SDK, such as when the user attempts to perform an action like replying to a message or giving a kudo. See Initializing the SDK for initialization instructions.
The Community Android SDK supports the following user authentication options:
- Lithium Registration
- LithiumSSO token authentication
- Custom SSO - Contact Lithium Services for custom SSO integrations
Lithium Registration is the most basic authentication method. It is configured in Community Admin. A community user creates an account by providing an email, user name, and password. Lithium stores all account information. Password management actions such as Forgot Password or Password Reset are done through the platform.
A user name, email, and password are required when creating an account, although Lithium Services might have added additional, required registration fields requested by your Community team during launch. You can learn more about Lithium Registration in Authentication Overview on the Lithium Developer Documentation Portal.
LithiumSSO uses a token created using the Community API LithiumSSOClient class. (See LithiumSSO token authentication for sample token-generation code.) After creating the token, store the token as a String in a variable.
In addition to our SSO developer documentation mentioned above, also see our Administrator's Guide and our article about configuration options in Community Admin.
The SDK includes the following utility method on LiSDKManager for user authentication:
-
LiSDKManager.getInstance().isUserLoggedIn()- Check whether the user is logged in
The Support UI login flow with Lithium Registration takes the user to the LiLoginActivity (li_login_activity.xml) where he or she enters a user name and password. When using SSO with the Support UI, authentication occurs in the background.
You initiate the authentication/login flow using one of the following methods on LiSDKManager:
initLoginFlow(android.content.Context context)initLoginFlow(android.content.Context context, java.lang.String ssoToken)
The Core SDK and Support UI libraries use the same initLoginFlow methods.
When using Lithium Registration, initiate this authentication flow with the following, passing the Android context like this:
LiSDKManager.getInstance().initLoginFlow(this);
When using LithiumSSO, pass the SSO token generated using the instructions in Authentication Overview, along wiht the Android context like this:
LiSDKManager.getInstance().initLoginFlow(this, "<SSO Token>");