Request Authorization

Once the BindID SDK is initialized, you can invoke a BindID authentication process using the authenticate() SDK call (see API reference). A successful authentication returns an authorization code that can be exchanged for the ID and access tokens.

The token exchange can be performed either in the front-end or backend. When using a front-end PKCE exchange, add the setUsePkce parameter to the authenticate() call, and then invoke the exchangeToken() SDK method with the authentication response. Alternatively, perform a backend exchange using the Token API (see Get User Identity and Trust).

The following example shows a front-end PKCE token exchange, however, BindID also supports a backend authorization code token exchange (with or without PKCE) using the Token API.

fun authenticate() {
    XmBindIdSdk.getInstance().authenticate(
        XmBindIdAuthenticationRequest.create("[REDIRECT_URI]").apply {
            this.usePkce = true
        }).addListener(object : ObservableFuture.Listener<XmBindIdResponse, XmBindIdError> {
        override fun onComplete(response: XmBindIdResponse) {
            Log.i("BID", "Authentication successful")
            exchange(response)
        }

        override fun onReject(error: XmBindIdError) {
            handleError(error)
        }
    })
}

fun exchange(response: XmBindIdResponse) {
    XmBindIdSdk.getInstance().exchangeToken(
        XmBindIdExchangeTokenRequest.create(response)
    ).addListener(object :
        ObservableFuture.Listener<XmBindIdExchangeTokenResponse, XmBindIdError> {
        override fun onComplete(tokenResponse: XmBindIdExchangeTokenResponse) {
            Log.i("BID", "Token exchange successful")
            sendTokenToServer(tokenResponse.accessToken, tokenResponse.idToken)
        }

        override fun onReject(error: XmBindIdError) {
            handleError(error)
        }
    })
}

fun sendTokenToServer(one: String, two: String) {
    // Add code to send the ID and access token to your application server here
}

fun handleError(error: XmBindIdError) {
    // Add code to process the authentication error here
}

where [REDIRECT_URI] is redirect URI you configured in the step BindID Admin Portal, and the deep link added in Set Up Redirection.

The functions in the snippet above should be implemented as follows:

sendTokenToServer should send the ID and access tokens received upon successful authentication to your backend server.
handleError should respond to an authentication error, possibly by presenting a suitable message to the user.

Request Authorization#

Request Authorization