Search
K
Links
Comment on page

Add Passage

Add Passage to your Android project

Prerequisites

If you don't already have an Android project and just want to try out Passage, you can clone our Android Example App.

Add the Passage SDK

In your module (app-level) Gradle file (usually <project>/<app-module>/build.gradle), add the Passage dependency like this, and then sync your Android project with Gradle files:
dependencies {
  // ...
  implementation 'id.passage.android:passage:1.5.1'
}
Declare an instance of Passage.
lateinit var passage: Passage
In your Activity’s onCreate() or Fragment’s onViewCreated method, initialize the Passage instance.
passage = Passage(requireActivity(), "YOUR_APP_ID")
If you are NOT using passkeys, that's it - you're ready to start using Passage!
If you ARE using passkeys, follow the below instructions

Configure app for passkeys

Google's Digital Asset Links protocol enables an app or website to make public, verifiable statements about other apps or websites.Your website must declare that it is associated with your specific Android app, and declare that it wants to share user credentials in order for passkey authentication to work.

Generate signing certificate fingerprint

To securely associate your website with your Android app, Google requires your Digital Asset Links JSON file to contain the SHA256 fingerprint of your app’s signing certificate.
To get your signing certificate fingerprint, copy and paste this code in your terminal, replacing the placeholder all caps values:
keytool -list -v -keystore PATH_TO_KEYSTORE -alias KEYSTORE_ALIAS -storepass STORE_PASSWORD -keypass KEY_PASSWORD
The output should include something like this:
SHA256: 5C:A2:55:53:25:86:7B:5A:21:82:EE:14:5A:3B:9C:99...
Need help with finding or using your certificate? Learn more here.
Create a new assetlinks.json file like this one, replacing the YOUR_WEBSITE, YOUR_ANDROID_PACKAGE_NAME, and YOUR_CERT_FINGERPRINT values:
[
{
"relation" : [
"delegate_permission/common.handle_all_urls",
"delegate_permission/common.get_login_creds"
],
"target" : {
"namespace" : "web",
"site" : "https://YOUR_WEBSITE"
}
},
{
"relation": [
"delegate_permission/common.handle_all_urls",
"delegate_permission/common.get_login_creds"
],
"target": {
"namespace": "android_app",
"package_name": "YOUR_ANDROID_PACKAGE_NAME",
"sha256_cert_fingerprints": ["YOUR_CERT_FINGERPRINT"]
}
}
]
Note that YOUR_WEBSITE must match your Passage app's auth origin
Publish this file to your site’s .well-known/ directory.

Step 2: Register your Android app with Passage

For passkeys to work in any Android app, Google requires the app's "APK key hash" to be set as the relying party's auth origin.

Generate your key hash

To get the key hash from your signing certificate, simply copy and paste this code in your terminal, replacing YOUR_SHA256_FINGERPRINT with the SHA256 fingerprint generated from the previous step:
echo "android:apk-key-hash:$(echo -n YOUR_SHA256_FINGERPRINT | xxd -r -p | base64 | tr -- '+/' '-_' | tr -d '=')"
Which should produce something like:
android:apk-key-hash:eiV7fQqjB85Hdtf2IpIV0ZsldECmDJRX9ajDxafpr

Submit key hash in Passage Console

In Passage Console, you’ll need to submit your android apk key hash in Settings -> General -> Android SDK.
Add your APK key hash in your app's Passage console.

Step 3: Configure asset statements

In your app’s strings.xml file, copy and past the following, replacing YOUR_AUTH_ORIGIN:
<resources>
//..
<!-- Required Passage app settings -->
<string name="passage_auth_origin">YOUR_AUTH_ORIGIN</string>
<string name="asset_statements">
[{
\\"include\\": \\"https://@string/passage_auth_origin/.well-known/assetlinks.json\\"
}]
</string>
</resources>
Finally, paste the following meta-data into your app’s AndroidManifest.xml:
<manifest ...>
<application ...>
<meta-data
android:name="asset_statements"
android:resource="@string/asset_statements" />
</application>
</manifest>