Authorization for Online SDKs
How online mobile SDKs connect with the server
The online SDKs function by communicating with the SenseCrypt server using an end-to-end encrypted protocol.
There are two methods available for authorization:
Mobile API Key - Configured in the app source code constants, this is the easiest method during development. Correspondingly, the mobile key is configured on the server as we saw in the server's Configuration section.
JWT Token - A JWT token mechanism allows you to use your own authorization mechanism. To use a device specific JWT, follow the following steps:
Get the device ID by calling
getDeviceId()
from the mobile SDK.Pass the device ID along with authentication parameters (such as username/password) to your own application server.
If authentication succeeds, make a server-to-server call from your application server to your SenseCrypt server's
/gen-jwt
end-point passing in the device ID as theinstance_id
. See the Using a JWT Token for Authorization section for more details. The server-to-server call can be authorized using theapi_key
that you defined in the Configuration section.Return the generated JWT token to the mobile device.
Store the JWT token on the device for future use.
When initializing the mobile SDK, pass the server URL along with
Bearer your_jwt_token
as the authentication parameter.
By default, the source code uses the Mobile API Key configured in the code constants. Since a JWT flow involves your own authentication, implementing such a flow is left to you. However, the mobile SDKs do support such a flow out of the box should you choose to implement it.