Comment on page
Token Management

How the Android SDK manages your user's tokens
Use Passage Token Store
When you create an instance of Passage you also get an instance of PassageTokenStore , unless you choose to opt out of this functionality (see Manage tokens yourself).
Get auth token
You can access the current auth token this way:
val token = passage.tokenStore.authToken
Get refreshed auth token
If you've setup refresh tokens in your app (strongly recommended), the Passage Token Store handles refreshing the auth token for you before it expires. If you have short lived auth tokens, it is highly recommended you use the getValidAuthToken suspend method instead of the above property, so you don't have to worry about using an expired token.
suspend fun exampleGetRequest() {
    val token = passage.tokenStore.getValidAuthToken()
    // Use token
}
How are tokens stored?
Your user's auth token and refresh token are both stored on device using Android's own Encrypted Shared Preferences library. When you sign out your user, the tokens are revoked on the server and removed from the device.
​
Manage tokens yourself
If you would prefer to manage tokens yourself and not use Passage Token Store, simply copy and paste this into your app's strings.xml file:
<string name="use_passage_store">false</string>
Note that you will not be able to access passage.tokenStore when you set this.
Get tokens from auth methods
Any successful authentication call you make (see Passkey Authentication and Email/SMS Authentication) returns a PassageAuthResult which contains your user's auth token and refresh token.
For example:
suspend fun login() {
    try {
        val authResult = passage.loginWithPasskey()
        val authToken = authResult.authToken // String
        val refreshToken = authResult.refreshToken // String?
        val expiration = authResult.refreshTokenExpiration // Int?
    } catch (e: LoginWithPasskeyException) {
        // ..
    }
}
You can then store and mange them however you choose.
Authenticate PassageUser requests
To make a request on a PassageUser like user.changeEmail(newEmail) you'll first need to provide that auth token to the Passage class.
Passage.setAuthToken(YOUR_TOKEN)
val user = passage.getCurrentUser()
user.changeEmail("[email protected]")
Refresh and revoke tokens
You can use the PassageToken methods to refresh or revoke tokens like this:
suspend fun getNewTokens(oldRefreshToken: String) {
    try {
        val authResult = PassageToken.refreshAuthToken(oldRefreshToken)
        val newAuthToken = authResult.authToken
        val newRefreshToken = authResult.refreshToken
        val newExpiration = authResult.refreshTokenExpiration
    } catch(e: PassageTokenException) {
        when (e) {
            is PassageTokenUnauthorizedException -> {
                // Refresh token is no longer valid
            }
        }
    }
}
​
suspend fun revokeToken(refreshToken: String) {
    try {
        passage.revokeRefreshToken(refreshToken)
    } catch (e: PassageTokenException) {
        // ..
    }
}
​
User Management
Troubleshooting
Last modified 4d ago