|
21 | 21 | - [Get user information](#get-user-information) |
22 | 22 | - [Custom Token Exchange](#custom-token-exchange) |
23 | 23 | - [Native to Web SSO login [EA]](#native-to-web-sso-login-ea) |
| 24 | + - [My Account API](#my-account-api) |
| 25 | + - [Enroll a new passkey](#enroll-a-new-passkey) |
24 | 26 | - [Credentials Manager](#credentials-manager) |
25 | 27 | - [Secure Credentials Manager](#secure-credentials-manager) |
26 | 28 | - [Usage](#usage) |
@@ -649,6 +651,115 @@ authentication |
649 | 651 | </details> |
650 | 652 |
|
651 | 653 |
|
| 654 | +## My Account API |
| 655 | + |
| 656 | +> [!NOTE] |
| 657 | +> The My Account API is currently available in [Early Access](https://auth0.com/docs/troubleshoot/product-lifecycle/product-release-stages#early-access). Please reach out to Auth0 support to get it enabled for your tenant. |
| 658 | +
|
| 659 | +Use the Auth0 My Account API to manage the current user's account. |
| 660 | + |
| 661 | +To call the My Account API, you need an access token issued specifically for this API, including any required scopes for the operations you want to perform. |
| 662 | + |
| 663 | +### Enroll a new passkey |
| 664 | + |
| 665 | +**Scopes required:** `create:me:authentication_methods` |
| 666 | + |
| 667 | +Enrolling a new passkey is a three-step process. First, you request an enrollment challenge from Auth0. Then you need to pass that challenge to Google's [Credential Manager](https://developer.android.com/identity/sign-in/credential-manager) |
| 668 | +APIs to create a new passkey credential. Finally, you use the created passkey credential and the original challenge to enroll the passkey with Auth0. |
| 669 | + |
| 670 | +#### Prerequisites |
| 671 | + |
| 672 | +- A custom domain configured for your Auth0 tenant. |
| 673 | +- The **Passkeys** grant to be enabled for your Auth0 application. |
| 674 | +- The Android **Device Settings** configured for your Auth0 application. |
| 675 | +- Passkeys are supported only on devices that run Android 9 (API level 28) or higher. |
| 676 | + |
| 677 | +Check [our documentation](https://auth0.com/docs/native-passkeys-for-mobile-applications#before-you-begin) for more information. |
| 678 | + |
| 679 | +#### 1. Request an enrollment challenge |
| 680 | + |
| 681 | +You can specify an optional user identity identifier and/or a database connection name to help Auth0 find the user. The user identity identifier will be needed if the user logged in with a [linked account](https://auth0.com/docs/manage-users/user-accounts/user-account-linking). |
| 682 | + |
| 683 | +```kotlin |
| 684 | + |
| 685 | +val client = MyAccountAPIClient(account, accessToken) |
| 686 | + |
| 687 | +client.passkeyEnrollmentChallenge() |
| 688 | + .start(object :Callback<PasskeyEnrollmentChallenge,MyAccountException>{ |
| 689 | + override fun onSuccess(result: PasskeyEnrollmentChallenge) { |
| 690 | + print("Challenge: ${result.challenge}") |
| 691 | + } |
| 692 | + override fun onFailure(error: MyAccountException) { |
| 693 | + print("Error: ${error.message}") |
| 694 | + } |
| 695 | + }) |
| 696 | +``` |
| 697 | +<details> |
| 698 | + <summary>Using coroutines</summary> |
| 699 | + |
| 700 | +```kotlin |
| 701 | + |
| 702 | + val client = MyAccountAPIClient(account, "accessToken") |
| 703 | + |
| 704 | + try{ |
| 705 | + val challenge = client.passkeyEnrollmentChallenge() |
| 706 | + .await() |
| 707 | + println("Challenge: $challenge") |
| 708 | + } catch (exception:MyAccountException){ |
| 709 | + print("Error: ${exception.message}") |
| 710 | + } |
| 711 | +``` |
| 712 | +</details> |
| 713 | + |
| 714 | +#### 2. Create a new passkey credential |
| 715 | + |
| 716 | +Use the enrollment challenge with the Google's [CredentialManager](https://developer.android.com/identity/sign-in/credential-manager) APIs to create a new passkey credential. |
| 717 | + |
| 718 | +```kotlin |
| 719 | +// Using coroutines |
| 720 | +val request = CreatePublicKeyCredentialRequest( |
| 721 | + Gson().toJson(enrollmentChallenge.authParamsPublicKey) |
| 722 | +) |
| 723 | + |
| 724 | +val result = credentialManager.createCredential(requireContext(), request) |
| 725 | + |
| 726 | +val passkeyCredentials = Gson().fromJson( |
| 727 | + (result as CreatePublicKeyCredentialResponse).registrationResponseJson, |
| 728 | + PublicKeyCredentials::class.java |
| 729 | +) |
| 730 | +``` |
| 731 | +#### 3. Enroll the passkey |
| 732 | + |
| 733 | +Use the created passkey credential and the enrollment challenge to enroll the passkey with Auth0. |
| 734 | + |
| 735 | +```Kotlin |
| 736 | + |
| 737 | +client.enroll(passkeyCredential,challenge) |
| 738 | + .start(object :Callback<PasskeyAuthenticationMethod,MyAccountException>{ |
| 739 | + override fun onSuccess(result: PasskeyAuthenticationMethod) { |
| 740 | + println("Passkey enrolled successfully: ${result.id}") |
| 741 | + } |
| 742 | + |
| 743 | + override fun onFailure(error: MyAccountException) { |
| 744 | + println("Error enrolling passkey: ${error.message}") |
| 745 | + } |
| 746 | + }) |
| 747 | +``` |
| 748 | +<details> |
| 749 | + <summary>Using coroutines</summary> |
| 750 | + |
| 751 | +```kotlin |
| 752 | + |
| 753 | +try{ |
| 754 | + val result = client.enroll(passkeyCredential,challenge) |
| 755 | + .await() |
| 756 | + println("Passkey enrolled successfully: ${result.id}") |
| 757 | +}catch(error:MyAccountException){ |
| 758 | + println("Error enrolling passkey: ${error.message}") |
| 759 | +} |
| 760 | +``` |
| 761 | +</details> |
| 762 | + |
652 | 763 | ## Credentials Manager |
653 | 764 |
|
654 | 765 | ### Secure Credentials Manager |
|
0 commit comments