HYPR Documentation Portal

HYPR is the leading provider of True Passwordless Security with millions of users deployed across the Global 2000.

Shared secrets are the #1 cause of enterprise breaches, fraud and phishing attacks.

HYPR is the first Authentication Platform designed to eliminate passwords and shared secrets - effectively removing the hackers’ primary target while eliminating fraud, phishing and credential reuse for consumers and employees across the enterprise.

FIDO Only

🚧

THIS GUIDE ASSUMES THAT YOU ALREADY HAVE THE HYPR SDK SETUP. Follow the Quick Start Setup Guide before continuing.

Overview

The FIDO Only SDK usage is for customers who want to use the HYPR Android SDK to authenticate into their own Android application without using the HYPR out-of-band mechanism. The FIDO operations available include registration, authentication, and deregistration.

SDK Interface

FIDO Only Operations use the HYPR API Action Adapter and HYPR DB Adapter SDK interfaces.

πŸ“˜

HYPR Code Objects

The following HYPR Code Objects are used in Fido Only mode:
HyprAppProfileData - App Profile Corresponds to a HYPR RP Server Application

πŸ“˜

DB IDs

Most HYPR code objects have a DB ID to uniquely identify it. The SDK interfaces often require a DB ID to indicate which object is being operated on at the time.
Fido Only mode uses the following DB IDs:

  • App Profile DB ID

Database Setup

From the Quick Start Setup Guide you should have created a CustomHyprDbAdapter which extends the HyprDbAdapter class. FIDO Only (OOB Off) mode requires a couple modifications to that custom class setup.

The additions include setting the RpAppType to OobOff, setting your RP URL, and setting your RP Application ID.

// FIDO Only Additions
appProfile.setHyprRpAppType(context, HyprRpAppType.OobOff);
appProfile.setBaseDomainUrl(context, "https://your-company-hypr-rp-address.com");
appProfile.setRpAppId(context, "your RP Application Id");

The complete class with those additions is shown here.

public class CustomHyprDbAdapter extends HyprDbAdapter {
    /**
     * Called after a new App Profile is created.
     * Put any DB customizations here for the new App Profile.
     *
     * @param context    current context
     * @param appProfile appProfile object that was just created
     */
    @Override
    public void onNewAppProfileCreated(@NonNull final Context context,
                                       @NonNull HyprAppProfileData appProfile) {
        // FIDO Only Additions
        appProfile.setHyprRpAppType(context, HyprRpAppType.OobOff);
        appProfile.setBaseDomainUrl(context, "https://your-company-hypr-rp-address.com");
        appProfile.setRpAppId(context, "your RP Application Id");
    }
}

FIDO Registration

FIDO Registrations are done on an Application Profile basis. Each Application Profile has a DB ID that typically is used to pass into methods to tell the SDK which Application Profile to use.

πŸ“˜

FIDO Registration Method

The following is used to launch an Activity to initiate FIDO Registration via the HyprApiActionAdapter:
HyprApiActionAdapter.registerAuthenticatorsForAppProfile()
The results are returned in onActivityResults with the resultCode of:
HYPR_REGISTER_ACT_REQ_CODE

In the example below, first check to make sure that the HYPR Initialization is complete. If you are only using one App Profile, then get the current Application Profile and the App Profile DB ID. Managing App Profiles page has more information on App Profiles.

Then pass that App Profile DB ID into the registerAuthenticatorsForAppProfile method to start a HYPR SDK activity which will perform the registration.

The results are returned in the onActivityResult method described in the FIDO Operation Activity Results section further below. The result code is HYPR_REGISTER_ACT_REQ_CODE.

void startRegistration(Activity activity) {
    if (App.isHyprInitComplete()) {
        try {
            HyprAppProfileData hyprAppProfileData = App.getHyprDbAdapter().getCurHyprAppProfileData(activity);
            HyprApiActionAdapter.registerAuthenticatorsForAppProfile(activity, hyprAppProfileData.getDbId());
        } catch (HyprException exception) {
            exception.printStackTrace();
        }
    }
}

FIDO Authentication

FIDO Authentications are done on an Application Profile basis. Each Application Profile has a DB ID that typically is used to pass into methods to tell the SDK which Application Profile to use.

πŸ“˜

FIDO Authentication Method

The following is used to launch an Activity to initiate FIDO Registration via the HyprApiActionAdapter:
HyprApiActionAdapter.authenticateAppProfile()
The results are returned in onActivityResults with the resultCode of:
HYPR_AUTHENTICATE_ACT_REQ_CODE

In the example below, first check to make sure that the HYPR Initialization is complete. If you are only using one App Profile, then get the current Application Profile and the App Profile DB ID. Managing App Profiles page has more information on App Profiles.

Then pass that App Profile DB ID into the authenticateAppProfile method to start a HYPR SDK activity which will perform the authentication.

The results are returned in the onActivityResult method described in the FIDO Operation Activity Results section further below. The result code is HYPR_AUTHENTICATE_ACT_REQ_CODE.

void startAuthentication(Activity activity) {
    if (App.isHyprInitComplete()) {
        try {
            HyprAppProfileData hyprAppProfileData = App.getHyprDbAdapter().getCurHyprAppProfileData(activity);
            HyprApiActionAdapter.authenticateAppProfile(activity, hyprAppProfileData.getDbId());
        } catch (HyprException exception) {
            exception.printStackTrace();
        }
    }
}

FIDO Deregistration

FIDO Deregistrations are done on an Application Profile basis. Each Application Profile has a DB ID that typically is used to pass into methods to tell the SDK which Application Profile to use.

πŸ“˜

FIDO Deregistration Method

The following is used to launch an Activity to initiate FIDO Deregistration via the HyprApiActionAdapter:
HyprApiActionAdapter.deregisterAuthenticatorsForAppProfile()
The results are returned in onActivityResults with the resultCode of:
HYPR_DEREGISTER_ACT_REQ_CODE

In the example below, first check to make sure that the HYPR Initialization is complete. If you are only using one App Profile, then get the current Application Profile and the App Profile DB ID. Managing App Profiles page has more information on App Profiles.

Then pass that App Profile DB ID into the deregisterAuthenticatorsForAppProfile method to start a HYPR SDK activity which will perform the deregistration.

The results are returned in the onActivityResult method described in the FIDO Operation Activity Results section further below. The result code is HYPR_DEREGISTER_ACT_REQ_CODE.

void startDeregistration(Activity activity) {
    if (App.isHyprInitComplete()) {
        try {
            HyprAppProfileData hyprAppProfileData = App.getHyprDbAdapter().getCurHyprAppProfileData(activity);
            HyprApiActionAdapter.deregisterAuthenticatorsForAppProfile(activity, hyprAppProfileData.getDbId());
        } catch (HyprException exception) {
            exception.printStackTrace();
        }
    }
}

FIDO Operation Activity Results

The results returned from all HyprApiActionAdapter operations are returned in the onActivityResults method. The standard result code returned for a successful HYPR Android SDK Operation activity result is HYPR_ACT_RES_CODE_SUCCESS.

@Override
protected void onActivityResult(int requestCode,
                                int resultCode,
                                Intent data) {
    if (resultCode == HYPR_ACT_RES_CODE_SUCCESS) {
        handleSuccess(requestCode, data);

    } else {
        handleFailure(requestCode);
    }
}

void handleSuccess(int requestCode,
                   Intent data) {
    switch (requestCode) {
        case HYPR_REGISTER_ACT_REQ_CODE:
            Toast.makeText(this, "Registration Successful", Toast.LENGTH_SHORT).show();
            break;

        case HYPR_AUTHENTICATE_ACT_REQ_CODE:
            Toast.makeText(this, "Authentication Successful", Toast.LENGTH_SHORT).show();
            break;

        case HYPR_DEREGISTER_ACT_REQ_CODE:
            Toast.makeText(this, "Deregistration Successful", Toast.LENGTH_SHORT).show();
            break;

        default:
            Toast.makeText(this, "Unknown Success", Toast.LENGTH_SHORT).show();
    }
}

void handleFailure(int requestCode) {
    switch (requestCode) {
        case HYPR_REGISTER_ACT_REQ_CODE:
            Toast.makeText(this, "Registration Failed", Toast.LENGTH_SHORT).show();
            break;

        case HYPR_AUTHENTICATE_ACT_REQ_CODE:
            Toast.makeText(this, "Authentication Failed", Toast.LENGTH_SHORT).show();
            break;

        case HYPR_DEREGISTER_ACT_REQ_CODE:
            Toast.makeText(this, "Deregistration Failed", Toast.LENGTH_SHORT).show();
            break;

        default:
            Toast.makeText(this, "Unknown Failure", Toast.LENGTH_SHORT).show();
    }
}

Updated 11 months ago

FIDO Only


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.