Overview
JWT (JSON Web Token) authentication is a standard method for securely verifying user identity. By implementing JWT authentication, you add a critical layer of security to your data collection process with MoEngage.
The feature ensures that the data sent on behalf of your identified users is authentic and is not tampered with. This security is achieved by requiring a token that is cryptographically signed by your own server, which prevents unauthorized users from impersonating your legitimate users.
| library_add_check |
Prerequisites Before you begin the implementation, ensure you meet the following requirements:
|
The following diagram illustrates the interaction between your application, your server, the MoEngage SDK, and the MoEngage server:
Integration
Perform the following to integrate JWT authentication into your Android application:
Step 1: Enable JWT Authentication
You can enable JWT authentication during SDK initialization by configuring the NetworkAuthorizationConfig property on the MoEngage.Builder object.
val builder = MoEngage.Builder(application, , )
.configureNetworkRequest(NetworkRequestConfig(networkAuthorizationConfig = NetworkAuthorizationConfig(isJwtEnabled = true)))
MoEngage.initialiseDefaultInstance(builder.build())MoEngage.Builder builder = new MoEngage.Builder(application, , )
.configureNetworkRequest(new NetworkRequestConfig(new NetworkAuthorizationConfig(true)));
MoEngage.initialiseDefaultInstance(builder.build());Step 2: Pass the JWT to the SDK
Your application is responsible for managing the JWT lifecycle. The recommended flow is to fetch a token upon user login and pass the token to the SDK. You should also check if the token has expired on subsequent app launches and fetch a new one if necessary.
Use the MoECoreHelper.passAuthenticationDetails() to provide the token to the SDK.
val data = AuthenticationData.Jwt(, )
MoECoreHelper.passAuthenticationDetails(context, data)AuthenticationData data = new AuthenticationData.Jwt(, );
MoECoreHelper.INSTANCE.passAuthenticationDetails(application.getApplicationContext(), data);Step 3: Handle Authentication Errors
To handle token validation errors that the MoEngage server returns, you must register an error listener. The SDK invokes this listener when an authentication error occurs, which allows your application to fetch and provide a new token.
val authErrorListener = OnAuthenticationError { error -
when (error.data) {
is ErrorData.Jwt - {
// Handle JWT authentication error
val errorData = error.data as ErrorData.Jwt
val jwtError = errorData.code
val message = errorData.message
// Take appropriate action based on the jwtError
}
}
}
// Register listener after SDK initialization
MoECoreHelper.registerAuthenticationListener(authErrorListener)OnAuthenticationError errorListener = new OnAuthenticationError() {
@Override
public void onError(@NonNull AuthenticationError error) {
switch (error.getType()) {
case JWT:
ErrorData.Jwt jwtError = (ErrorData.Jwt) error.getData();
// Handle JWT error
JwtError jwtErrorType = jwtError.getCode();
String message = jwtError.getMessage();
// Take action based on jwtErrorType
break;
}
}
};
// Register listener after SDK initialization
MoECoreHelper.INSTANCE.registerAuthenticationListener(errorListener);Step 3: Handle Authentication Errors
Register the OnAuthenticationError listener in a global scope, such as the onCreate() of your Application class, to ensure your application always receives callbacks.
MoECoreHelper.registerAuthenticationListener(authErrorListener)MoECoreHelper.INSTANCE.registerAuthenticationListener(errorListener);| info |
Information
|