Android Login

This tutorial will show you how to integrate the Auth0 Login in your Android project in order to present the login box.

Sample Project

Download a sample project specific to this tutorial configured with your Auth0 API Keys.

System Requirements
  • Android Studio 2.3
  • Android SDK 25
  • Emulator - Nexus 5X - Android 6.0
Show requirements

Add the Auth0 Android Dependency

Your first step is to add the Auth0 Android SDK into your project. The library makes requests to the Auth0's Authentication and Management APIs.

Gradle

Inside the app's build.gradle dependencies section add:

apply plugin: 'com.android.application'
android {
  //..
}
dependencies {
  //---> Add the next line
  compile 'com.auth0.android:auth0:1.+'
  //<---
}

You can check for the latest version on the repository Readme, in Maven, or in JCenter.

Now add the Manifest Placeholders, required by the SDK to define internally an intent-filter to capture the authentication callback. You do that by adding the next line:

apply plugin: 'com.android.application'
android {
    compileSdkVersion 25
    buildToolsVersion "25.0.3"
    defaultConfig {
        applicationId "com.auth0.samples"
        minSdkVersion 15
        targetSdkVersion 25
        //...

        //---> Add the next line
        manifestPlaceholders = [auth0Domain: "@string/com_auth0_domain", auth0Scheme: "demo"]
        //<---
    }
}

Set Credentials

You will require the Client ID and Domain for your client application. These values can be found in your Auth0 dashboard. The suggested approach is to use String Resources like @string/com_auth0_domain to define them instead of hard coding the value, as you might need to change them in the future and forget to update them in all the places. Edit your res/values/strings.xml file like this:

<resources>
    <string name="com_auth0_client_id">YOUR_CLIENT_ID"</string>
    <string name="com_auth0_domain">YOUR_AUTH0_DOMAIN"</string>
</resources>

If you're logged in with your Auth0 account and download the samples from the "Download Sample" button, the values will be completed for you.

Then, run Sync Project with Gradle Files inside Android Studio or ./gradlew clean assembleDebug from the command line.

For more information about Gradle usage, check their official documentation.

Start the Authentication

In the login method create a new Auth0 instance to hold the credentials. If you've added the R.string.com_auth0_client_id and R.string.com_auth0_domain String resources, you'll be able to use the constructor that receives an android Context. If you prefer to hardcode them, use the constructor that receives both strings. Then by using the WebAuthProvider class authenticate with any connection enabled on your client in the Auth0 dashboard.

To ensure Open ID Connect compliant responses you must either request an audience or enable the OIDC Conformant switch in your Auth0 dashboard under Client / Settings / Advanced OAuth. You can read more about this here.

After calling WebAuthProvider#start the browser will launch and show Lock, and the final result will be received in the callback that you pass.

// app/src/main/java/com/auth0/samples/MainActivity.java

private void login() {
    Auth0 auth0 = new Auth0(this);
    auth0.setOIDCConformant(true);
    WebAuthProvider.init(auth0)
                  .withScheme("demo")
                  .withAudience(String.format("https://%s/userinfo", getString(R.string.com_auth0_domain)))
                  .start(MainActivity.this, new AuthCallback() {
                      @Override
                      public void onFailure(@NonNull Dialog dialog) {
                        // Show error Dialog to user
                      }

                      @Override
                      public void onFailure(AuthenticationException exception) {
                        // Show error to user
                      }

                      @Override
                      public void onSuccess(@NonNull Credentials credentials) {
                          // Store credentials
                          // Navigate to your main activity
                      }
                });
}

Capture the Result

You'll first need to whitelist the Callback URL in the "Allowed Callback URLs" section of the Client settings by adding the URL below. Remember to replace YOUR_APP_PACKAGE_NAME with your actual application's package name, available in the app/build.gradle file as the applicationId attribute:

demo://YOUR_AUTH0_DOMAIN/android/YOUR_APP_PACKAGE_NAME/callback

The browser will redirect to your application with the authentication result. Because you've defined the Manifest Placeholders with your Auth0 Domain and Scheme values, the SDK will be able to capture the result and parse it automatically without you needing to declare a specific intent-filter for your activity. The AndroidManifest.xml file should look like this:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.auth0.samples">

    <uses-permission android:name="android.permission.INTERNET" />

    <application
        android:allowBackup="true"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:theme="@style/AppTheme">

        <activity android:name="com.auth0.samples.MainActivity">
          <intent-filter>
              <action android:name="android.intent.action.MAIN" />
              <category android:name="android.intent.category.LAUNCHER" />
          </intent-filter>
        </activity>

    </application>

</manifest>

There are many options to customize the authentication using the WebAuthProvider builder. Make sure to check them here.

Mobile example screenshot

Hosted Login Page vs Embedded Login

Auth0's Hosted Login Page provides the fastest, most secure, and most feature-rich way to implement authentication in your app. If required, the Lock widget can also be embedded directly into your application, but certain features such as single sign-on won't be accessible. It is highly recommended that you use Hosted Login Page (as covered in this tutorial), but if you wish to embed the Lock widget directly in your application, you can follow the Embedded Login sample.

Please see Browser-Based vs. Native Login Flows on Mobile Devices for information on choosing between the two types of login flows.

Previous Tutorial
1. Getting started
Use Auth0 for FREECreate free Account