0.1.0
π
Quickstart Guides
π
SDK Reference
π‘οΈ Protecting Your Account
ποΈ Getting Access Token
Sign In with Email/Phone Number
Our Android SDK offers the easiest way to verify email/phone numbers in your android app. You can simply call a function and it does most of the heavy lifting and authentication for you.
Overview
Verifying email and phone number in your mobile app using our Android SDK consists of the following steps:
- 1.Import Cotter
- 2.Call Cotter's Login function
- 3.Receive user's email or phone number, and whether or not it's verified
What you're building
Cotter's Android SDK
Steps
- 1.
- 3.βRegister URL Scheme: Cotter's authentication will redirect back to your application using this URL scheme.
- 4.βCall Cotter's Login function: This function will handle the WebView, verifying phone number or email, and request the identity from Cotter's server.
- 5.
Step 1: Import Cotter as a dependency
Add JitPack repository your project level
build.gradle at the end of repositories.build.gradle
1
allprojects {
2
repositories {
3
...
4
maven { url 'https://jitpack.io' }
5
}
6
}
Copied!
Add the Cotter's SDK as a dependency in your app level
build.gradle .1
android {
2
...
3
compileOptions {
4
sourceCompatibility JavaVersion.VERSION_1_8
5
targetCompatibility JavaVersion.VERSION_1_8
6
}
7
}
8
β
9
dependencies {
10
...
11
implementation 'com.github.cotterapp:android-sdk:0.3.0'
12
}
Copied!
Then sync your gradle files.
Step 2: Initialize Cotter with your API keys
Initialize Cotter with your
API_KEY_ID . Call the function below in your MainActivity1
Cotter.init(this.getApplicationContext(),
2
"https://www.cotter.app/api/v0",
3
<API_KEY_ID>);
Copied!
For example:
MainActivity.java
1
public class MainActivity extends AppCompatActivity {
2
β
3
@Override
4
protected void onCreate(Bundle savedInstanceState) {
5
...
6
β
7
Cotter.init(this.getApplicationContext(),
8
"https://www.cotter.app/api/v0",
9
<API_KEY_ID>);
10
}
11
...
Copied!
Step 3: Register a URL Scheme
You also need to decide a callback URL scheme that you want to use. If your app's package name is
com.example.myapplication then you should use something like this for your URL Scheme callback.1
com.example.myapplication://auth_callback
Copied!
Make sure your URL scheme (the front part before
://) doesn't have an underscore or other special characters. To test it out, enter your Redirect URL here: https://jsfiddle.net/omd02jn5/β This URL scheme will be called when Cotter's verification is done and want to go back to your app. Read more about Android deep-linking.β
You need to register this URL Scheme to receive the callback. Add the following in your
AndroidManifest.xml . Check the example in the example's Github repo.AndroidManifest.xml
1
<!-- ADD THE LINES FROM HERE -->
2
<activity android:name="com.cotter.app.RedirectUriReceiverActivity" android:exported="true">
3
<intent-filter>
4
<action android:name="android.intent.action.VIEW"/>
5
<category android:name="android.intent.category.DEFAULT"/>
6
<category android:name="android.intent.category.BROWSABLE"/>
7
8
<!-- This example is for: com.example.myapplication://auth_callback -->
9
<!-- Change it to your own url -->
10
<data android:scheme="com.example.myapplication"
11
android:host="auth_callback"/>
12
</intent-filter>
13
</activity>
14
<!-- TO HERE -->
Copied!
Step 4: Call Cotter's Login function
To open up Cotter's Login screen, you can either have your user input their email or phone number inside Cotter's screen, or you can provide a text input where your users can enter their email / phone, and you can pass that to Cotter's screen.
a) To login and enter the email or phone number in Cotter's window:
1
// Provide Context and the URL Scheme
2
Cotter.newIdentity(this, "com.example.myapplication://auth_callback")
3
.login(
4
"EMAIL", // EMAIL or PHONE
5
this, // Context
6
Dashboard.class); // Callback Class
Copied!
b) �To login with the email or phone number that your user entered in your app:
1
// Provide Context and the URL Scheme
2
Cotter.newIdentity(this, "com.example.myapplication://auth_callback")
3
.loginWithInput( // Context
4
"EMAIL", // EMAIL or PHONE
5
input.getText().toString(), // User's email
6
this, // Context
7
CallbackActivity.class); // Callback Class
Copied!
To send code/link via SMS or WhatsApp, you'll need to add some balance to you project in the Dashboard.
You need to provide a class to redirect to when Cotter's email/phone number verification is complete.
Try it now! You can check if it works so far by invoking the login function above on a button click. It should load Cotter's Authentication page on a WebView.
Step 5: Receive the Token
In your
CallbackActivity class, receive the token from the intent inside onCreate using this function.1
String resp = IdentityManager.handleResponse(getIntent());
2
if (resp != null) {
3
Log.i("Login Response: ", resp);
4
}
5
String error = IdentityManager.handleError(getIntent());
6
if (error != null) {
7
Log.i("Login Error: ", error);
8
}
Copied!
For example, if your
CallbackActivity class is called Dashboard:1
public class Dashboard extends AppCompatActivity {
2
β
3
@Override
4
protected void onCreate(Bundle savedInstanceState) {
5
super.onCreate(savedInstanceState);
6
setContentView(R.layout.activity_dashboard);
7
8
// Handle response here
9
String resp = IdentityManager.handleResponse(getIntent());
10
if (resp != null) {
11
Log.i("Login Response: ", resp);
12
}
13
14
// Handle error here
15
String error = IdentityManager.handleError(getIntent());
16
if (error != null) {
17
Log.i("Login Error: ", error);
18
}
19
}
20
}
Copied!
The
resp will consist of the following JSON Object as a string.1
{
2
"identifier": {
3
"ID": "f4286df9-a923-429c-bc33-5089ffed5f68",
4
"created_at": "2020-07-21T22:53:21.211367Z",
5
"updated_at": "2020-07-21T22:53:21.211367Z",
6
"deleted_at": "0001-01-01T00:00:00Z",
7
"identifier": "[email protected]", // User's email
8
"identifier_type": "EMAIL",
9
"device_type": "BROWSER",
10
"device_name": "Mozilla/5.0 (Linux; Android 9; Android SDK built for x86 Build/PSR1.180720.075) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36",
11
"expiry": "2020-08-20T22:53:21.19705Z",
12
"timestamp": "2020-07-21T22:53:21.19705Z"
13
},
14
"oauth_token": {
15
"access_token": "eyJhbGciOiJFUz...", // Validate this access token
16
"id_token": "eyJhbGciOiJFUzI1...",
17
"refresh_token": "27944:lb31DY5pG229n...",
18
"expires_in": 3600,
19
"token_type": "Bearer",
20
"auth_method": "OTP"
21
},
22
"token": {...},
23
"user": {
24
"ID": "643a42c7-316a-4abe-b27e-f4d0f903bfea", // Cotter uesr ID
25
"identifier": "[email protected]",
26
...
27
}
28
}
Copied!
This JSON object contains 3 objects,
identifier , oauth_token and user . - The identifier object contains information about the user's email or phone number, device type and name, and expiry.
- The
oauth_tokencontains anaccess_tokenthat you can validate in your backend. - The
usercontains the User object in Cotter, which includes a "Cotter User ID". You should associate your user with this Cotter User ID for reference.
You should include this JSON Object into your call to your backend for Login or Registration. Your backend should then verify that the access token is valid.β
Validating Cotter's Access Token
Checkout how to verify the OAuth Tokens from Cotter here:
π You're done!
Securing your Project
Since you'll be using your API Key from a front-end website or mobile app, your
API_KEY_ID is exposed to anyone inspecting your code. Here are some ways to prevent abuse:Next Steps
Implement Trusted Devices
Add Biometric/PIN
β
Last modified 1yr ago
Copy link
Contents
Overview
What you're building
Steps
Step 1: Import Cotter as a dependency
Step 2: Initialize Cotter with your API keys
Step 3: Register a URL Scheme
Step 4: Call Cotter's Login function
Step 5: Receive the Token
Validating Cotter's Access Token
π You're done!
Securing your Project
Next Steps
Implement Trusted Devices
Add Biometric/PIN