Login with API or pass credentials to Intent
Hello,
I can successfully login to my sandbox application using the sdk in Android. I also have the Rainbow application installed from the play store which we want to use, rather than rewriting all the functionality into our app.
I would like that when I log in using the rainbow sdk, that it also logs the correct user into the main application Rainbow.apk one way or another, as a first step is just login/logout when the user uses our mobile app.
Different users (who have a email/password) can use the same telephone, so this is the requirement that for each user, they are logged into their rainbow account automatically. The use case can be the same for Ios.
Currently I can be logged in with USER A in the Rainbow App, and have a session in my app logged in to Rainbow with USER B. I want to strongly link the twop so I can login using the API and it logs in/disconnects the Rainbow App.
Android specific : Is there any data one can pass to the Intent (token or email/password) to login to the main application "automatically" when I open it from my application? Is there another way with the rainbow sdk and some sort of shared token, intents done by the sdk?
shorthand kotlin android code for what could be done ->
val intent = activity!!.packageManager.getLaunchIntentForPackage("com.ale.rainbow")
// for example
// launchIntent.extras.putString("email", "email@email.com")
//launchIntent.extras.putString("password", "password123")
startActivity(intent) // launches Rainbow with user/pass to login
The above code obviously does not prevent being logged in to rainbow in our app with different credentials than the play store app, which is essentially what we want to control.
What can be done in Android to solve this problem and from my app, logging in using the API will change the login in the rainbow app ->
https://stackoverflow.com/questions/4638939/android-communication-between-two-applications
I hope it's clear, thanks in advance.
-
Hi Timothy,
I apologize for my late answer.
It's definitively not a good way to do that because of security concerns.
The right way is either to use the Oauth 2 protocol if you want to connect to your 3rd party application with your Rainbow account or to use a SSO mechanism if you want that your identity provider make the check.
We have delivered the support of Oauth 2 for the SDK for Web. If you need it for Android, you could have a look to the documentation and samples available for the Web, it could help you implementing the same on Android.
For SSO, I encourage you to get in touch with your ALE Sales representative. Depending on your need, it could help you by sharing how to put in place. Official support is in progress, but I have no planned date.
Hope this will help,
Regards,
Olivier
-
Hi Oliver,
Just to be clear, on the same mobile device, I can be logged in as user A in the standalone Rainbow app and be logged in as user B within my app using the sdk and there is no way to circumvent this?
SSO I am not sure is relevant, unless you treat your standalone Rainbow application as a completely independant system to access through any of the SDKs? (This seems strange as it is the same rainbow account)
Thanks in advance
-
Hi Olivier,
Thanks for your response.
The issue I see is that there is no communication (and no way possible) between the Rainbow SDK and the standalone Rainbow application.
I wish that when we log in to a rainbow account within the SDK that there is a way to log in/notify the standalone application as the same user automatically at the same time so that we can utilize all the functionality and notifications already in place in the standalone app.
This is why I proposed possible solutions for you doing that by intents in android to the background service and providing the stackoverflow link to show the process of how this can be achieved.
Thanks in advance.
Tim
Please sign in to leave a comment.
Comments
4 comments