The Keyless SDK "caches" the enrolled user locally on the device.
There are some use cases where it is possible to delete the user from server API and delete the device from server API. The Keyless SDK will not be notified about such deletions. For this reason if you try to authenticate a user or a device that have been deleted from server API you will get an error.
The Keyless SDK offers a way to check if you are in this situation: you can use the validateUserAndDeviceActive API. This will validate that both the user and the device are still "active" (i.e. they exist) in the Keyless backend.
You may want to call validateUserAndDeviceActive before an authentication to avoid going through the user biometric extraction if the user has been deleted.
Keyless.validateUserAndDeviceActive( onCompletion = { result ->when (result) {is Keyless.KeylessResult.Success -> Log.d("KeylessSDK ", "user and device active") is Keyless.KeylessResult.Failure -> Log.d("KeylessSDK ", "user or device not ofund - error code ${result.error.code}")
// error code 1131 = user is not enrolled on the device (not even locally so did not check on backend)// error code 534 = user not found or deactivated on backend// error code 535 = device not found or deactivated on backend } })
Keyless.validateUserDeviceActive( onCompletion: { result inswitch result {case .success(let success): print("user and device active")case .failure(let error): print("user or device deactivated")// error code 1131 = user is not enrolled on the device (not even locally so did not check on backend)// error code 534 = user not found or deactivated on backend// error code 535 = device not found or deactivated on backendbreak } })
User identifier
To retrieve the user identifier you can use the Keyless.getUserId() api
The device is identified by means of its public signing key. To retrieve the device identifier you can use the Keyless.getDevicePublicSigningKey() api: