binding/com.pingidentity.device.binding.journey/DeviceBindingConfig

DeviceBindingConfig

class DeviceBindingConfig

Configuration class for customizing device binding operations.

This DSL-enabled configuration class allows fine-grained control over various aspects of the device binding process, including authentication methods, storage configuration, JWT signing parameters, and user interface behavior.

The configuration supports:

  • Multiple authentication types (biometric, PIN, none)

  • Customizable storage backends for user key metadata

  • JWT signing algorithm and timing configuration

  • Device identification and naming

  • Custom claims for verification

  • User key selection strategies

Example usage:

deviceBindingCallback.bind {
    deviceName = "My Custom Device"
    signingAlgorithm = "RS256"
    userKeyStorage {
        fileName = "my_keys.json"
    }
    biometricAuthenticatorConfig {
        promptInfo = {
            setTitle("Authenticate for Device Binding")
        }
    }
}
Content copied to clipboard

See also

Constructors

Link copied to clipboard
constructor()

Properties

Link copied to clipboard
lateinit var deviceAuthenticator: (DeviceBindingAuthenticationType) -> DeviceAuthenticator

Factory function for creating device authenticators based on authentication type.

Link copied to clipboard
var deviceIdentifier: DeviceIdentifier

The device identifier used to generate unique device IDs for binding. Defaults to DefaultDeviceIdentifier which uses Android device properties.

Link copied to clipboard
var deviceName: String

The human-readable name for the device that will be displayed in user interfaces. Defaults to the device model (Build.MODEL).

Link copied to clipboard
var expirationTime: (Int) -> Instant

Function that calculates the JWT expiration time based on timeout seconds. Takes the timeout in seconds and returns an Instant representing when the JWT expires. Defaults to current time plus the timeout in seconds.

Link copied to clipboard
var issueTime: () -> Instant

Function that provides the current time for JWT "iat" (issued at) claim. Defaults to the current system time when the JWT is created.

Link copied to clipboard
var logger: Logger

The logger instance used for debugging and monitoring device binding operations. Defaults to the global Logger.logger instance.

Link copied to clipboard
var notBeforeTime: () -> Instant

Function that provides the "nbf" (not before) time for JWT validation. Defaults to the current system time, meaning the JWT is valid immediately.

Link copied to clipboard
var signingAlgorithm: String

The cryptographic algorithm used for signing JWTs during device binding. Must be a valid JWS algorithm identifier. Defaults to "RS512". Common values: "RS256", "RS384", "RS512"

Functions

Link copied to clipboard
fun appPinConfig(block: AppPinConfig.() -> Unit)

Configures the application PIN authenticator settings.

Link copied to clipboard
fun biometricAuthenticatorConfig(block: BiometricAuthenticatorConfig.() -> Unit)

Configures the biometric authenticator settings.

Link copied to clipboard
fun claims(block: MutableMap<String, Any>.() -> Unit)

Configures additional custom claims to be included in the signed JWT.

Link copied to clipboard
fun userKeySelector(block: suspend (List<UserKey>) -> UserKey)

Configures a custom user key selection strategy.

Link copied to clipboard
fun userKeyStorage(block: UserKeyStorageConfig.() -> Unit)

Configures the storage backend for user key metadata.