Skip to main content

Login

If you receive StartResultEvent with LOGIN_REQUIRED as sdkState then you have to perform a login with the userIdentifer received in this event. Note that contrary to KOBIL Digitanium and KOBIL Digitanium+ installations, multiple users are not supported. Note that in the KOBIL Shift Lite environment, you can choose between several authentication modes during login. When the login attempt returns with an error such as NO_TOKEN_DATA_AVAILABLE, TOKEN_DATA_IS_OUTDATED, or CANNOT_ACQUIRE_TOKEN_DATA, you need to open the KOBIL Shift Lite system's login page and proceed as detailed in the Activation section.

Login event flow diagram for KOBIL Shift Lite

Here is an event flow diagram to detail what the event flow looks like for this process:

Offline Login

If you have an activated user you can perform an Offline login. If an Offline token is stored for that user and the OfflineLogin succeeds the MC you will return a Status OK.

When OfflineLoginResult comes back with StatusType != OK we recommend performing an idp login using the same authentication mode as before. Example: Biometry is enabled => OfflineLogin fails with StatusType != OK => open idp login page and perform login with AuthenticationMode.BIOMETRIC in your SetAuthorisationCodeEvent. When the login fails repeatedly (for example, due to an unrecognized fingerprint) we suggest asking the user how to proceed and whether they want to change the authentication mode.

iOS/Swift

For Swift, this can be done as follows:

IAMLogin (Swift)
// Offline Login does not mean you have to perform login in offline mode.
// This event checks whether your token is still valid or not.
// If it is valid then you will receive status OK else you receive other status.
// In that case you have to go to web view for getting authorization code same
// as above only difference is clientId.
public func performOfflineLogin(userIdentifier: KsUserIdentifier,completion:@escaping((KSMOfflineLoginResultEvent) -> Void?)){
    let offlineLoginEvent = KSMOfflineLoginEvent(userIdentifier: userIdentifier, authenticationMode: KSMAuthenticationMode.no)
    self.masterControllerAdapter.sendEvent2MasterController(offlineLoginEvent) {(event) in
        guard let macroEvent = event as? KsMacroEvent else {return}
        guard let resultEvent = macroEvent as? KSMOfflineLoginResultEvent else{return}
        completion(resultEvent)
    }
}

Android/Kotlin

For Kotlin, here is the corresponding code:

IAMLogin (Kotlin)
// Offline Login does not mean you have to perform login in offline mode.
//This event checks whether your token is still valid or not. If it is valid
// then you will receive status OK else you receive other status. In that
// case you have to go to web view for getting authorization code same as
// above only difference is clientId.
fun triggerOfflineLoginEvent(userIdentifier: UserIdentifier) {
    val offlineLoginEvent = OfflineLoginEvent(userIdentifier)
    mcEventHandler?.postEvent(offlineLoginEvent)?.then {
        logDebug("received OfflineLoginResultEvent: $it", "triggerOfflineLoginEvent")
        // handle result
    }
}

Login/Subsequent Login without Offline Token

For the Login/Subsequent Login without a valid OfflineToken you need to open your IAM login page with the following headers:

  • X-KOBIL-ASTCLIENTID : $clientId
  • X-KOBIL-ASTCLIENTDATA : $astClientData

After entering your credentials on the IAM login page, you will receive a URL from the web view that contains the authorization code. You need to parse the authorization code from the URL and provide it to the master controller sdk via SetAuthorizationCodeEvent. The MC will use the authorization code to exchange it for an IAM token. Upon successful key exchange you will receive a status OK.

Refer to IAM Activation for the extraction of the authorization code from the response url (see parseUrl() method).

SetAuthorizationCodeEvent (Kotlin)
//Set authorization code
fun setAuthorizationCode(userId: String, tenantId: String, authCode: String, clientId: String) {
    val authMode = if (SessionManager.getInstance(context).useBiometry()) AuthenticationMode.BIOMETRIC else AuthenticationMode.NO
    val setAuthCodeEvent = SetAuthorisationCodeEvent(UserIdentifier(tenantId, userId), authMode, authCode, clientId)
    mcEventHandler?.postEvent(setAuthCodeEvent)?.then {
        logDebug("received SetAuthorisationCodeResultEvent: $it", "setAuthorisationCode")
        // handle result. StatusType.OK would mean the user is now logged in.
    }
}