Skip to main content

Android Components v3.0.0

· 3 min read

The v3 release introduces a unified biometric enrollment and authentication process across platforms.

Note: Users who were previously enrolled using earlier SDK versions will be required to re-enroll due to changes in the token architecture introduced in v3.

  • A refresh of the Firebase JSON is required in sandbox (and production if applicable). The new firebase token will work with the v3 SDK. If you had previously provided a firebase token (to work with v1 or v2 SDK), this will no longer be displayed in the embedder portalEmbedder Portal A web-based portal where embedders can access their Weavr account, manage API credentials, configure settings, view dashboards, and access documentation. The portal provides access to both sandbox and production environments, with separate credentials for each., but it will still be applicable for that SDK.
    • Generate a new token (with the same configuration) from your Firebase Console
    • In the embedder portalEmbedder Portal A web-based portal where embedders can access their Weavr account, manage API credentials, configure settings, view dashboards, and access documentation. The portal provides access to both sandbox and production environments, with separate credentials for each., re-enable Biometric Authentication, and then Provide your Firebase Json file. Even if you had previously configured a firebase Json, a new one must be provided.
    • Re-enable Biometrics for user actions
    • Previously enrolled users will have to enroll again
  • Changes to un-enrollment behavior. Previously, a new user was allowed to enroll on a device that was already being used; and the old user would be unenrolled automatically. Now, the app must be uninstalled, or the user unlinked via Weavr API, before a new user can enroll on the device. See un-enrollment section of the docs.

Android

To upgrade to SDK v3.0.0, update your Gradle dependency:

implementation 'io.weavr.components:secure-components:3.0.0'

In your settings.gradle file, remove the following repository entry:

maven {
    url "https://gitlab.okaythis.com/api/v4/projects/15/packages/maven"
    name "GitLab"
}

Key changes

  • The biometrics user enrollment flow now requires an OTP. This is delivered via SMS, and input by the user into an integrated screen in the component.
  • The ability to exchange tokens via the SDK has been removed. For the biometrics login flow, the auth token is shared via webhook only and must be exchanged for an access token via your backend to the Weavr Weavr API.
  • Moved ErrorResponse class to io.weavr.components.utils.ErrorResponse package. Update any custom error handling implementations to use the new package path
  • Improved handling of the hardware back button on the Device Authorization screen in the enrollment flow that is launched via UXComponents.psa.startPSAEnrollment(). Pressing the back button now triggers the onFailed() callback, enabling client apps to handle user-initiated cancellations more effectively.