CredentialOption

Artifact: androidx.credentials:credentials

Added in 1.2.0

Kotlin |Java

abstract class CredentialOption

Known direct subclasses

GetCustomCredentialOption, GetDigitalCredentialOption, GetPasswordOption, GetPublicKeyCredentialOption, GetRestoreCredentialOption

`GetCustomCredentialOption`	Allows extending custom versions of GetCredentialOptions for unique use cases.
`GetDigitalCredentialOption`	A request to retrieve the user's digital credential, normally used for verification or sign-in purpose.
`GetPasswordOption`	A request to retrieve the user's saved application password from their password provider.
`GetPublicKeyCredentialOption`	A request to get passkeys from the user's public key credential provider.
`GetRestoreCredentialOption`	A request to get the restore credential from the restore credential provider.

Base class for getting a specific type of credentials.

GetCredentialRequest will be composed of a list of CredentialOption subclasses to indicate the specific credential types and configurations that your app accepts.

The typePriorityHint value helps decide where the credential will be displayed on the selector. It is used with more importance than signals like 'last recently used' but with less importance than other signals, such as the ordering of displayed accounts. It is expected to be one of the defined PriorityHints constants. By default, GetCustomCredentialOption will have PRIORITY_DEFAULT, GetPasswordOption will have PRIORITY_PASSWORD_OR_SIMILAR and GetPublicKeyCredentialOption will have PRIORITY_PASSKEY_OR_SIMILAR. It is expected that GetCustomCredentialOption types will remain unchanged unless strong reasons arise and cannot ever have PRIORITY_PASSKEY_OR_SIMILAR. Given passkeys prevent many security threats that other credentials do not, we enforce that nothing is shown higher than passkey types in order to provide end users with the safest credentials first. See the spec here for more information on passkeys.

Summary

Constants
`const Int`	`PRIORITY_DEFAULT = 2000` Default value of display priority.
`const Int`	`PRIORITY_OIDC_OR_SIMILAR = 500` Value of display priority for OpenID credentials or those of similar security level.
`const Int`	`PRIORITY_PASSKEY_OR_SIMILAR = 100` Value of display priority for passkeys or credentials of similar security level.
`const Int`	`PRIORITY_PASSWORD_OR_SIMILAR = 1000` Value of display priority for passwords or credentials of similar security level.

Public companion functions
`CredentialOption`	`@RequiresApi(value = 34) createFrom(option: CredentialOption)` Parses the `option` into an instance of `CredentialOption`.
`CredentialOption`	`createFrom( type: String, requestData: Bundle, candidateQueryData: Bundle, requireSystemProvider: Boolean, allowedProviders: Set<ComponentName> )` Parses the raw data into an instance of `CredentialOption`.

Public properties
`Set<ComponentName>`	`allowedProviders` a set of provider service `ComponentName` allowed to receive this option (Note: a `SecurityException` will be thrown if it is set as non-empty but your app does not have android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS; empty means every provider is eligible; for API level < 34, this property will not take effect and you should control the allowed provider via library dependencies)
`Bundle`	`candidateQueryData` the partial request data in the `Bundle` format that will be sent to the provider during the initial candidate query stage, which will not contain sensitive user information
`Boolean`	`isAutoSelectAllowed` whether a credential entry will be automatically chosen if it is the only one available option
`Boolean`	`isSystemProviderRequired` true if must only be fulfilled by a system provider and false otherwise
`Bundle`	`requestData` the request data in the `Bundle` format
`String`	`type` the credential type determined by the credential-type-specific subclass (e.g. the type for `GetPasswordOption` is `PasswordCredential.TYPE_PASSWORD_CREDENTIAL` and for `GetPublicKeyCredentialOption` is `PublicKeyCredential.TYPE_PUBLIC_KEY_CREDENTIAL`)
`Int`	`typePriorityHint` sets the priority of this entry, which defines how it appears in the credential selector, with less precedence than account ordering but more precedence than last used time; see `PriorityHints` for more information

Constants

PRIORITY_DEFAULT

const val PRIORITY_DEFAULT = 2000: Int

Default value of display priority.

PRIORITY_OIDC_OR_SIMILAR

const val PRIORITY_OIDC_OR_SIMILAR = 500: Int

Value of display priority for OpenID credentials or those of similar security level.

PRIORITY_PASSKEY_OR_SIMILAR

const val PRIORITY_PASSKEY_OR_SIMILAR = 100: Int

Value of display priority for passkeys or credentials of similar security level.

PRIORITY_PASSWORD_OR_SIMILAR

const val PRIORITY_PASSWORD_OR_SIMILAR = 1000: Int

Value of display priority for passwords or credentials of similar security level.

Public companion functions

createFrom

Added in 1.5.0

@RequiresApi(value = 34)
fun createFrom(option: CredentialOption): CredentialOption

Parses the option into an instance of CredentialOption.

It is recommended to construct a CredentialOption by directly instantiating a CredentialOption subclass, instead of using this API. This API should only be used by a small subset of system apps that reconstruct an existing object for user interactions such as collecting consents.

Parameters
`option: CredentialOption`	the framework CredentialOption object

createFrom

Added in 1.5.0

fun createFrom(
    type: String,
    requestData: Bundle,
    candidateQueryData: Bundle,
    requireSystemProvider: Boolean,
    allowedProviders: Set<ComponentName>
): CredentialOption

Parses the raw data into an instance of CredentialOption.

Parameters
`type: String`	matches `CredentialOption.type`
`requestData: Bundle`	matches `CredentialOption.requestData`, the request data in the `Bundle` format; this should be constructed and retrieved from the a given `CredentialOption` itself and never be created from scratch
`candidateQueryData: Bundle`	matches `CredentialOption.candidateQueryData`; this should be constructed and retrieved from the a given `CredentialOption` itself and never be created from scratch
`requireSystemProvider: Boolean`	matches `CredentialOption.isSystemProviderRequired`
`allowedProviders: Set<ComponentName>`	matches `CredentialOption.allowedProviders`, empty means every provider is eligible

Public properties

allowedProviders

Added in 1.2.0

val allowedProviders: Set<ComponentName>

a set of provider service ComponentName allowed to receive this option (Note: a SecurityException will be thrown if it is set as non-empty but your app does not have android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS; empty means every provider is eligible; for API level < 34, this property will not take effect and you should control the allowed provider via library dependencies)

candidateQueryData

Added in 1.2.0

val candidateQueryData: Bundle

the partial request data in the Bundle format that will be sent to the provider during the initial candidate query stage, which will not contain sensitive user information

isAutoSelectAllowed

Added in 1.2.0

val isAutoSelectAllowed: Boolean

whether a credential entry will be automatically chosen if it is the only one available option

isSystemProviderRequired

Added in 1.2.0

val isSystemProviderRequired: Boolean

true if must only be fulfilled by a system provider and false otherwise

requestData

Added in 1.2.0

val requestData: Bundle

the request data in the Bundle format

type

Added in 1.2.0

val type: String

the credential type determined by the credential-type-specific subclass (e.g. the type for GetPasswordOption is PasswordCredential.TYPE_PASSWORD_CREDENTIAL and for GetPublicKeyCredentialOption is PublicKeyCredential.TYPE_PUBLIC_KEY_CREDENTIAL)

typePriorityHint

Added in 1.3.0

val typePriorityHint: Int

sets the priority of this entry, which defines how it appears in the credential selector, with less precedence than account ordering but more precedence than last used time; see PriorityHints for more information