Comment on page
Add Passage
Add Passage to your Android project
- Make sure that your project meets these requirements:
- Targets API level 33 or higher
- Uses Android 13 or higher
If you don't already have an Android project and just want to try out Passage, you can clone our Android Example App.
In your module (app-level) Gradle file (usually
<project>/<app-module>/build.gradle), add the Passage dependency like this, and then sync your Android project with Gradle files:dependencies {
// ...
implementation 'id.passage.android:passage:1.5.1'
}
Declare an instance of
Passage.lateinit var passage: Passage
In your Activity’s
onCreate() or Fragment’s onViewCreated method, initialize the Passage instance.passage = Passage(requireActivity(), "YOUR_APP_ID")
If you are NOT using passkeys, that's it - you're ready to start using Passage!
If you ARE using passkeys, follow the below instructions
Google's Digital Asset Links protocol enables an app or website to make public, verifiable statements about other apps or websites.Your website must declare that it is associated with your specific Android app, and declare that it wants to share user credentials in order for passkey authentication to work.
To securely associate your website with your Android app, Google requires your Digital Asset Links JSON file to contain the SHA256 fingerprint of your app’s signing certificate.
To get your signing certificate fingerprint, copy and paste this code in your terminal, replacing the placeholder all caps values:
keytool -list -v -keystore PATH_TO_KEYSTORE -alias KEYSTORE_ALIAS -storepass STORE_PASSWORD -keypass KEY_PASSWORD
The output should include something like this:
SHA256: 5C:A2:55:53:25:86:7B:5A:21:82:EE:14:5A:3B:9C:99...
Create a new
assetlinks.json file like this one, replacing the YOUR_WEBSITE, YOUR_ANDROID_PACKAGE_NAME, and YOUR_CERT_FINGERPRINT values:[
{
"relation" : [
"delegate_permission/common.handle_all_urls",
"delegate_permission/common.get_login_creds"
],
"target" : {
"namespace" : "web",
"site" : "https://YOUR_WEBSITE"
}
},
{
"relation": [
"delegate_permission/common.handle_all_urls",
"delegate_permission/common.get_login_creds"
],
"target": {
"namespace": "android_app",
"package_name": "YOUR_ANDROID_PACKAGE_NAME",
"sha256_cert_fingerprints": ["YOUR_CERT_FINGERPRINT"]
}
}
]
Note that
YOUR_WEBSITE must match your Passage app's auth originPublish this file to your site’s
.well-known/ directory.
For passkeys to work in any Android app, Google requires the app's "APK key hash" to be set as the relying party's auth origin.
To get the key hash from your signing certificate, simply copy and paste this code in your terminal, replacing
YOUR_SHA256_FINGERPRINT with the SHA256 fingerprint generated from the previous step:echo "android:apk-key-hash:$(echo -n YOUR_SHA256_FINGERPRINT | xxd -r -p | base64 | tr -- '+/' '-_' | tr -d '=')"
Which should produce something like:
android:apk-key-hash:eiV7fQqjB85Hdtf2IpIV0ZsldECmDJRX9ajDxafpr
In Passage Console, you’ll need to submit your android apk key hash in Settings -> General -> Android SDK.
Add your APK key hash in your app's Passage console.
In your app’s
strings.xml file, copy and past the following, replacing YOUR_AUTH_ORIGIN:<resources>
//..
<!-- Required Passage app settings -->
<string name="passage_auth_origin">YOUR_AUTH_ORIGIN</string>
<string name="asset_statements">
[{
\\"include\\": \\"https://@string/passage_auth_origin/.well-known/assetlinks.json\\"
}]
</string>
</resources>
Finally, paste the following
meta-data into your app’s AndroidManifest.xml:<manifest ...>
<application ...>
<meta-data
android:name="asset_statements"
android:resource="@string/asset_statements" />
</application>
</manifest>
Last modified 3d ago