Token-Based Authentication

WARNING: Before you start using access tokens, please visit our documentation for powerauth-crypto for more information about this feature.

Tokens are simple, locally cached objects that produce timestamp-based authorization headers. Be aware that tokens are NOT a replacement for general PowerAuth signatures. They are helpful in situations where the signatures are too heavy or too complicated to implement. Each token has the following properties:

  • It needs a PowerAuth signature for its creation (e.g., you need to provide a PowerAuthAuthentication object).
  • It has a unique identifier on the server. This identifier is not exposed to the public API, but the DEBUG version of the SDK can reveal that identifier in the debugger.
  • It has a symbolic name (e.g. “MyToken”) defined by the application programmer to identify already created tokens.
  • It can generate timestamp-based authorization HTTP headers.
  • It can be used concurrently. The token's private data doesn't change over time.
  • The token is associated with the PowerAuth instance. So, you can use the same symbolic name in multiple SDK instances, and each created token will be unique.
  • Tokens are persisted in the keychain and cached in the memory.
  • Once the parent PowerAuth instance loses its activation, all its tokens are removed from the local database.

The React Native PowerAuth SDK currently doesn't support multiple-instance scenarios, and both PowerAuth and PowerAuthTokenStore act as singletons.

Getting Token

To get an access token, you can use the following code:

// 1FA signature, uses device related key
const auth = new PowerAuthAuthentication();
auth.usePossession = true;

try {
    const token = await PowerAuthTokenStore.requestAccessToken("MyToken", auth);
    // now you can generate header
} catch (e) {
    // handle error
}

The token can be locally cached on the device. You can check whether this is the case by calling await PowerAuthTokenStore.hasLocalToken("MyToken").

Generating Authorization Header

Once you have a PowerAuthToken object, use the following code to generate an authorization header:

try {
    const header = await PowerAuthTokenStore.generateHeaderForToken(token.tokenName);
    // now you can attach that header to your HTTP request
} catch (e) {
    // token is no longer valid
}
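
The two steps above combined into a per-request helper, as an added example that is not part of the SDK or its documentation: concurrent callers share a single token-creation request, and a fresh header is generated for every request because the header is timestamp-based. The store is passed in as a parameter so the block runs offline; `createTokenAuthorizer`, `createFakeTokenStore` and the `key`/`value` shape of the header object are assumptions, and the fake store's header values are constructed.

```javascript
// Added example, not SDK code. `tokenStore` exposes the PowerAuthTokenStore
// methods used on this page; `makeAuth` returns a PowerAuthAuthentication.
// Assumption: the generated header object has `key` and `value` fields.
function createTokenAuthorizer(tokenStore, makeAuth, tokenName) {
    let pending = null; // in-flight token creation shared by concurrent callers

    async function ensureToken() {
        if (await tokenStore.hasLocalToken(tokenName)) return;
        if (!pending) {
            // Creation needs a PowerAuth signature, so request it only once.
            pending = tokenStore.requestAccessToken(tokenName, makeAuth())
                .finally(() => { pending = null; });
        }
        await pending;
    }

    // Returns a copy of `headers` plus a freshly generated token header.
    // The header is timestamp-based, so it is generated for each request
    // and never stored or reused.
    return async function authorize(headers = {}) {
        await ensureToken();
        const header = await tokenStore.generateHeaderForToken(tokenName);
        return { ...headers, [header.key]: header.value };
    };
}

// Constructed in-memory stand-in for PowerAuthTokenStore, for offline runs.
function createFakeTokenStore() {
    const local = new Set();
    const store = {
        created: 0,
        generated: 0,
        async hasLocalToken(name) { return local.has(name); },
        async requestAccessToken(name, auth) {
            if (!auth || !auth.usePossession) throw new Error("signature required");
            await new Promise((resolve) => setTimeout(resolve, 5)); // fake latency
            store.created += 1;
            local.add(name);
            return { tokenName: name };
        },
        async generateHeaderForToken(name) {
            if (!local.has(name)) throw new Error("token is no longer valid");
            store.generated += 1;
            return { key: "X-PowerAuth-Token", value: `constructed-${store.generated}` };
        },
    };
    return store;
}
```

In an application, pass `PowerAuthTokenStore` as `tokenStore` and spread the returned object into the `headers` option of the HTTP request.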

Removing Token From the Server

To remove the token from the server, you can use the following code:

try {
    await PowerAuthTokenStore.removeAccessToken("MyToken");
    // token has been removed
} catch (e) {
    // handle error
}

Removing Token Locally

To remove a token locally, you can simply use the following code:

try {
    // Remove just one token
    await PowerAuthTokenStore.removeLocalToken("MyToken");
    // Remove all local tokens
    await PowerAuthTokenStore.removeAllLocalTokens();
} catch (e) {
    // handle error
}

Note that by removing tokens locally, you will lose control of the tokens stored on the server.

Last updated on May 11, 2021 (12:54)

1.5.x

PowerAuth for React Native