2 C
London
Wednesday, November 20, 2024

Easy account restoration for Android apps



Easy account restoration for Android apps

Posted by Neelansh Sahai – Developer Relations Engineer

Do you know that, on common, 40% of the individuals within the US reset or change their smartphones yearly? This frequent gadget turnover presents a problem – and a chance – for sustaining robust consumer relationships. When customers get a brand new cellphone, the friction of re-entering login credentials can result in frustration, app abandonment, and churn.

To deal with this problem, we’re introducing Restore Credentials, a brand new function of Android’s Credential Supervisor API. With Restore Credentials, apps can seamlessly onboard customers to their accounts on a brand new gadget after they restore their apps and knowledge from their earlier gadget. This makes the transition to a brand new gadget easy and fosters loyalty and long run relationships.

On high of all this, there isn’t any developer effort required for the switch of a restore key from one gadget to the opposite, as this course of is tied along with the android system’s backup and restore mechanism. Nonetheless, if you wish to login your customers silently as quickly because the restore is accomplished, you may wish to implement BackupAgent and add your logic within the onRestore callback. The expertise is pleasant – customers will proceed being signed in as they have been on their earlier gadget, and they’ll be capable to get notifications to simply entry their content material with out even needing to open the app on the brand new gadget.

An illustration the process of restoring app data and keys to a new device, highlighting automated steps and user interactions.  The top row shows a user signing into an app and a restore key being saved locally, while the bottom row shows the restore process on a new device.

click on to enlarge

A number of the advantages of the Restore Credentials function embrace:

    • Seamless consumer expertise: Customers can simply transition to a brand new Android gadget.
    • Quick engagement: Interact customers with notifications or different prompts as quickly as they begin utilizing their new gadget.
    • Silent login with backup agent integration: In case you’re utilizing a backup agent, customers may be robotically logged again in after knowledge restoration is full.
    • Restore key checks with out backup agent integration: If a backup agent is not getting used, the app can examine for a restore key upon first launch after which log the consumer in robotically.

How does Restore Credentials work?

The Restore Credentials function permits seamless consumer account restoration on a brand new gadget. This course of happens robotically within the background throughout gadget setup when a consumer restores apps and knowledge from a earlier gadget. By restoring app credentials, the function permits the app to signal the consumer again in with out requiring any further interplay.

The credential sort that’s supported for this function is named restore key, which is a public key suitable with passkey / FIDO2 backends.

A diagram shows the device-to-device and cloud backup restore processes for app data and restore keys between old and new devices.  Steps are numbered and explained within the diagram.

Diagram that depicts restoring an app knowledge to a brand new gadget utilizing a restore credential, together with creating the credential, initiating a restore circulation, and automated consumer sign-in.

Person circulation

On the outdated gadget:

  1. If the present signed-in consumer is trusted, you’ll be able to generate a restore key at any level after they’ve authenticated in your app. As an illustration, this may very well be instantly after login or throughout a routine examine for an current restore key.
  2. The restore secret is saved domestically and backed as much as the cloud. Apps can opt-out of backing it as much as the cloud.

On the brand new gadget:

  1. When establishing a brand new gadget, the consumer can choose one of many two choices to revive knowledge. Both they’ll restore knowledge from a cloud backup, or can domestically switch the info. If the consumer transfers domestically, the restore secret is transferred domestically from the outdated to the brand new gadget. In any other case, if the consumer restores utilizing the cloud backup, the restore key will get downloaded together with the app knowledge from cloud backup to the brand new gadget.
  2. As soon as this restore secret is out there on the brand new gadget, the app can use it to log within the consumer on the brand new gadget silently within the background.

Notice: It is best to delete the restore key as quickly because the consumer indicators out. You don’t need your consumer to get caught in a cycle of signing out deliberately after which robotically getting logged again in.

Tips on how to implement Restore Credentials

Utilizing the Jetpack Credential Supervisor allow you to create, get, and clear the related Restore Credentials:

    • Create a Restore Credential: When the consumer indicators in to your app, create a Restore Credential related to their account. This credential is saved domestically and synced to the cloud if the consumer has enabled Google Backup and finish to finish encryption is accessible. Apps can choose out of syncing to the cloud.
    • Get the Restore Credential: When the consumer units up a brand new gadget, your app requests the Restore Credential from Credential Supervisor. This permits your consumer to check in robotically.
    • Clear the Restore Credential: When the consumer indicators out of your app, delete the related Restore Credential.

Restore Credentials is accessible by the Credential Supervisor Jetpack library. The minimal model of the Jetpack Library is 1.5.0-beta01, and the minimal GMS model is 242200000. For extra on this, seek advice from the Restore Credentials DAC web page. To get began, observe these steps:

// construct.gradle.kts
implementation("androidx.credentials:credentials:1.5.0-beta01")
// Fetch Registration JSON from server
// Identical because the registrationJson created on the time of making a Passkey
// See documentation for more information
val registrationJson = ... 

// Create the CreateRestoreCredentialRequest object
// Go within the registrationJSON 
val createRequest = CreateRestoreCredentialRequest(
  registrationJson,
  /* isCloudBackupEnabled = */ true
)

      NOTE: Set the isCloudBackupEnabled flag to false if you’d like the restoreKey to be saved domestically and never within the cloud. It’s set as true by default

val credentialManager = CredentialManager.create(context)

// On a profitable authentication create a Restore Key
// Go within the context and CreateRestoreCredentialRequest object
val response = credentialManager.createCredential(
    context,
    createRestoreRequest
)

    4. When the consumer units up a brand new gadget, name the getCredential() methodology on the CredentialManager object.

// Fetch the Authentication JSON from server
val authenticationJson = ...

// Create the GetRestoreCredentialRequest object
val choices = GetRestoreCredentialOption(authenticationJson)
val getRequest = GetCredentialRequest(Immutablelist.of(choices))

// The restore key may be fetched in two situations to 
// 1. On the primary launch of app on the gadget, fetch the Restore Key
// 2. Within the onRestore callback (if the app implements the Backup Agent)
val response = credentialManager.getCredential(context, getRequest)

In case you’re utilizing a backup agent, carry out the getCredential half throughout the onRestore callback. This ensures that the app’s credentials are restored instantly after the app knowledge is restored.

    5. When the consumer indicators out of your app, name the clearCredentialState() methodology on the CredentialManager object.

// Create a ClearCredentialStateRequest object
val clearRequest = ClearCredentialStateRequest(/* requestType = */ 1)

// On consumer log-out, clear the restore key
val response = credentialManager.clearCredentialState(clearRequest)

Conclusion

The Restore Credentials function offers vital advantages, making certain customers expertise a clean transition between units, and permitting them to log in shortly and simply by backup brokers or restore key checks. For builders, the function is simple to combine and leverages current passkey server-side infrastructure. Total, Restore Credentials is a precious instrument that delivers a sensible and user-friendly authentication answer.

This weblog submit is part of our sequence: Highlight Week: Passkeys. We’re offering you with a wealth of assets by the week. Suppose informative weblog posts, participating movies, sensible pattern code, and extra—all fastidiously designed that can assist you leverage the most recent developments in seamless sign-up and sign-in experiences.

With these cutting-edge options, you’ll be able to improve safety, scale back friction on your customers, and keep forward of the curve within the quickly evolving panorama of digital identification. To get an entire overview of what Highlight Week has to supply and the way it can profit you, remember to learn our overview weblog submit.

Latest news
Related news

LEAVE A REPLY

Please enter your comment!
Please enter your name here