binding/com.pingidentity.device.binding.authenticator/DeviceAuthenticator

DeviceAuthenticator

Interface for device authenticators that handle cryptographic operations for device binding. Implementations provide device-specific authentication mechanisms such as biometric authentication, PIN-based authentication, or hardware security modules.

Inheritors

AppPinAuthenticator

BiometricAuthenticator

NoneAuthenticator

Properties

type

abstract val type: DeviceBindingAuthenticationType

The type of device binding authentication this authenticator provides.

Functions

authenticate

abstract suspend fun authenticate(context: Context = ContextProvider.context): Result<Pair<PrivateKey, BiometricPrompt.CryptoObject?>>

Authenticates the user and retrieves the private key for signing operations.

deleteKeys

abstract suspend fun deleteKeys()

Deletes all keys associated with this authenticator from the device.

isSupported

open fun isSupported(context: Context, attestation: Attestation = Attestation.None): Boolean

Checks if this authenticator is supported on the current device.

abstract suspend fun register(context: Context = ContextProvider.context, attestation: Attestation): Result<KeyPair>

Registers a new key pair for device binding with optional attestation.

sign

open fun sign(params: SigningParameters): String

Signs a JWT using the provided signing parameters and key pair. Creates a signed JWT with standard claims including platform information and challenge.

open fun sign(params: UserKeySigningParameters): String

Signs a JWT using user key signing parameters with custom claims support. Creates a signed JWT with the specified user key and custom claims.