Links

Multi-user (beta)

This feature is in beta and available only for Android at the moment.
Different Keyless users can use their Keyless account(s) on the same device. The user is identified by user information stored in a database: userDatabase.
You decide the database absolute path and Keyless will populate it. The database is encrypted with a symmetric key. Keyless will generate the userDatabaseKey for you. You are responsible to store the absolute path and the key securely in your application.

Prerequisites

The user database is cached by Keyless for the entire lifecycle of your application.
The cached user survives lifecycle changes but is not persisted through process death.
If you want to use a specific database (i.e. do operations for a specific user) you must tell Keyless which database path to use before calling any of the Keyless APIs.

Set the user

The current user must be updated before using each API.
To swap from a user to another change the cached user database that Keyless should read/update calling the setUserDatabase() API.
Android
// dbPath is the path where your application stored the database
// dbKey is not required for enroll
setUserDatabase(dbPath:String, dbKey: ByteArray? = null)

Example usage

To check if a specific user is enrolled remember to select the specific user by providing Keyless with the specific userDatabase path.
Android
// dbPath is the path where your application stored the database
Keyless.setUserDatabase(dbPath, dbKey)
val isEnrolled = Keyless.isEnrolled().let {
if (it is Keyless.KeylessResult.Success) {
it.value
} else {
false
}
The symmetric key userDatabaseKey is proof that you own the user information at the userDatabase path. Rmember to select the specific user by providing Keyless with the specific userDatabase path and its decryption key userDatabaseKey. For such cases setUserDatabase takes as input the userDatabaseKey
Android
Keyless.setUserDatabase(dbPath, dbKey)
Keyless.decryptWithDeviceKey(encryptedPayload)