Prior to working with the SDK, a GBG Identity Solution account is required. To set up the Identity Solution account an OAuth OpenID Connect URL is required (this is available from many cloud service or identity providers such as Microsoft or Amazon).
Once you have provided the URL to GBG you’ll be set up with an account which you can access using the secure OAuth standards-based token method. This involves sending a secure HTTP request to the OAuth Identity Provider (i.e. such as Microsoft or Amazon Web Services) and receiving back an Identity Provider (IDP) access token. The token can later be exchanged (using an SDK function call, or another HTTP request) for a GBG access token whenever the user wishes to use the Identity Solution. The access token eventually expires and then another token can be requested by the user or the software.
You’ll also receive an initial Journey Identifier which defines which databases and verification procedures you wish to use to meet business or legal requirements. Additional Journey Identifiers can be created and profiles modified as needed.
If you’re planning to use the Android SDK, then credentials to access a Maven Repository will also be supplied.
Once you have the account, the procedures needed within Android Studio are:
- Add Maven Repository Credentials and Dependencies
You’ll need to modify the project-level and application-level build.gradle files within Android Studio to achieve this.
- Initialize the SDK
The VerifySDK.init() function is used to perform initialization for all the services you wish to use in the application.
- Obtain an Identity Provider Access Token
Either the mobile application, or a server-side application can be used to send a secure HTTP request to your Identity Provider (such as Microsoft or Amazon Web Services) to achieve this. This is standards-based and there are several methods. One popular method is called OAuth 2.0 Client Credentials Grant (an explanation of Client Credentials Grant is here) and it is based on a pre-shared client secret or alternatively a signed certificate. Another method is to use single sign-on (SSO) using OAuth 2.0 Authorisation Code Grant.
- Obtain a GBG Access Token
Create an AuthService object and call the authenticate method in order to exchange the Identity Provider access token for the GBG access token.
Once these four steps are complete, the application code can make use of any verification service, typically by creating an object and making a function call. The services that can be created and used are listed in the SDK Overview.
Underlying the SDK are HTTP requests and responses. If during software development you need to troubleshoot SDK interactions, a very quick way to see what occurred is to examine the HTTP request and response. Refer to Debugging with the Profiler in order to see examples of how to troubleshoot in this way.