binding/com.pingidentity.device.binding.journey/DeviceBindingCallback/bind

bind

suspend fun bind(config: DeviceBindingConfig.() -> Unit = {}): Result<String>

Performs the complete device binding operation.

This is the main method that orchestrates the entire device binding process:

  1. Validates device support for the specified authentication type

  2. Clears any existing keys for the user

  3. Generates a new cryptographic key pair with optional attestation

  4. Authenticates the user based on the configured authentication type

  5. Signs a JWT with the generated key to prove possession

  6. Stores the user key metadata for future use

  7. Handles cleanup on failures

The operation is performed within a timeout to prevent indefinite blocking. If authentication fails or any step encounters an error, all created keys are automatically cleaned up.

Return

A Result containing the signed JWT on success, or an error on failure

Parameters

config

Optional configuration block to customize the device binding behavior

Throws

if the device doesn't support the authentication type

TimeoutCancellationException

if the operation exceeds the timeout