SDK Configuration⚓︎
The Mobile SDK needs a signed configuration string provided by nextAuth. In order to obtain this configuration string, please follow the instructions here. It contains the parameters for connecting to the right Second Factor Server and Message Center. All other configuration values below are optional.
| Parameter | Mandatory | Description |
|---|---|---|
| config | Signed configuration string provided by nextAuth. | |
| alwaysRequireSecondFactorIfInactiveAppLogin | Always require a second factor for logging in (web) if there is no active AppLogin. | |
| automaticallySelectSingleAccountWhenSecondFactorNeeded | Boolean indicating whether or not the user should confirm logging in when there is only one account to select from and a second factor will requested afterwards, default: true. |
|
| biometricsDisabled | Boolean indicating whether or not biometrics should be disabled for the app, default: false. |
|
| defaultNSURI | URI of the default nextAuth server (e.g., wss://[your domain]/ns/sigmai), only used for sending a NOACCOUNTS message over the WebSocket to the browser when the user scan a login QR code (or clicks on a login deep link) when there are no accounts for that server. |
|
| maxNumberSecondFactorWithoutPIN | Integer indicating when the user must enter a PIN if second factor confirmation is requested after a number of second factor confirmations with a biometric, default: 0 (ignored). Note that this value only has effect if biometrics are enabled. |
|
| maxTimeSecondFactorWithoutPIN | Duration string1 indicating when the user must enter a PIN if second factor confirmation is requested, default: 0 (ignored). Note that this value only has effect if biometrics are enabled. |
|
| singleAccount | Boolean indicating whether or not the app can only have a single account, default: false. |
|
| timeoutAppLogin | Duration string1 indicating after which duration of AppLogins must be logged out, default: 0 (ignored). Note that this value only has effect if your app uses AppLogins. |
|
| timeoutInactivityAppLogin | Duration string1 indicating after which duration of user inactivity AppLogins must be logged out, default: 0 (ignored). Note that this value only has effect if your app uses AppLogins. |
|
| universalLinkPathPrefix | The prefix that should be removed from the path component of deep links, default: /. For instance, if your deep link is https://app.nextauth.com/authenticate/<data>, you would set this parameter to /authenticate/. |
|
| universalLinkReferrerURLKey | The query parameter key that should be used to extract the referrer URL from deep links, default: referrer_url. |
automaticallyRetrieveMessagesWhenComingToForeground: false,
automaticallyProcessPushLoginWhenInForeground: false,
Info
It might be useful to also alert users in the web frontend that they need to enrol an account first before being able to login. This done by sending a NOACCOUNTS over the WebSocket to the browser. Since the login QR code (or deep link) only contains your server's identifier but not its URI, this will need to be specified by setting the defaultNSURI.
If your app can be used to authenticate to multiple nextAuth servers at different URIs (different server identifiers at the same URI is fine), we do not recommend setting the defaultNSURI value.
Android⚓︎
The following configuration parameters listed below are only used by the Android SDK.
| Parameter | Mandatory | Description |
|---|---|---|
| automaticallyRetrieveMessagesWhenComingToForeground | Automatically retrieve messages from the Message Center when the app comes to the foreground, default: true. |
|
| automaticallyProcessPushLoginWhenInForeground | Automatically start a session for a received (push) login message when the app comes to the foreground, default: true. |
The Mobile SDK configuration is specified as a JSON string that must contain all mandatory parameters. For the non-specified parameters, the SDK will take the default values.
{
"config": ""
}
By default, the SDK looks for a nextauth.json file in the assets folder of the app. You can also manually pass the configuration as a JSON string.
//default, looks for a nextauth.json file in the assets folder
NextAuth.init(getApplicationContext());
//manually pass configuration
NextAuth.init(getApplicationContext(),"{\"config\": \"\"}");
iOS⚓︎
The following configuration parameters listed below are only used by the iOS SDK. Note that the appGroup parameters is required for on-device builds, as detailed in our quick-start guide.
| Parameter | Mandatory | Description |
|---|---|---|
| appGroup | The App Group you provisioned in the Apple Developer Portal, which is required for on-device builds (see here). | |
| migrateDataDirectory | Boolean indicating whether or not the SDK's data directory should be migrated, default: false. This parameter should only be enabled for legacy applications. |
The Mobile SDK configuration can be specified as a JSON or Property List string that must contain all mandatory parameters. Include a Constants.plist file in your project. Ensure that it is added to the main application bundle.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NAConfig</key>
<string></string>
</dict>
</plist>
By default, the SDK looks for the constants file specified by the NAConstantsFile key (see here). From v1.4.0 onwards, you can also manually pass the configuration. This can only be done once and has to happen before any other interactions with the SDK.
NextAuth.default.configure(from: "{\"config\": \"\"}", withFormat: NextAuth.Constants.JSON)