Skip to main content
Version: 4.3

IdentityVault

The underlying vault API. You can gain direct access to the vault for more advanced usage by using the IdentityVaultUser.getVault method.

Properties

config

The current configuration of the vault will stay current as long as unsubscribe is not called.

Methods

clear

Clear all vault data including stored tokens, values, and passcodes. The vault will be empty and unlocked after this.

Usage

vault.clear()

Returns: Promise<void>

getAvailableHardware

Gets the types of biometrics the device supports.

Please note, this method only shows the biometrics the device is capable of, and does not reflect whether the biometric methods are enrolled or enabled.

Traditionally Android has only supported fingerprint biometrics through the SDK. As of Android 10 multiple options are supported. Samsung devices can offer iris and face biometrics that exists outside the scope of the Android SDK. Since there is no official Android SDK support to detect those Samsung features, we attempt to determine their presence based on if the device has the Samsung face or iris biometrics software installed.

Usage

const availableHardware = await vault.getAvailableHardware();

Returns: Promise<SupportedBiometricType[]>

the list of biometrics the device supports

getBiometricType

Get the type of biometrics the device supports

Usage

const biometricType = await vault.getBiometricType();

this method has been deprecated in favor of getAvailableHardware

Returns: Promise<BiometricType>

the type of biometrics the device supports

getConfig

Get the current configuration of the vault

Usage

const config = await vault.getConfig();

Returns: Promise<PluginConfiguration>

the configuration

getKeys

Get all keys with stored values.

Usage

const keys = await vault.getKeys();

Throws

VaultError - if vault is locked

Returns: Promise<string[]>

array with all keys

getToken

Get any data stored in the token slot. This is equivalent to calling getValue("token").

Usage

const token = await vault.getToken();

Throws

VaultError - if vault is locked

Returns: Promise<any>

token data

getUsername

Get the username associated with the vault

Usage

const username = await vault.getUsername();

Returns: Promise<string>

the username for the vault

getValue

Get a value stored under the given key.

Throws

VaultError - if vault is locked

Parameters

NameTypeDescription
keystringthe key where the value is stored

Returns: Promise<any>

the value stored at the key

isBiometricsAvailable

Check whether or not biometrics is supported by the device and has been configured by the current user of the device

Usage

const biometricsAvailable = await vault.isBiometricsAvailable();

Returns: Promise<boolean>

whether or not biometrics is available

isBiometricsEnabled

Check whether or not biometrics is enabled on the vault

Usage

const biometricsEnabled = await vault.isBiometricsEnabled();

Returns: Promise<boolean>

whether or not biometrics is enabled

isBiometricsSupported

Check whether or not biometrics is supported by the device

Usage

const biometricsSupported = await vault.isBiometricsSupported();

Returns: Promise<boolean>

whether or not biometrics is supported

isInUse

Check whether the vault has any values stored in it.

Usage

const vaultIsInUse = await vault.isInUse();

Returns: Promise<boolean>

whether the vault has stored values

isLocked

Check whether the vault is currently locked

Usage

if(!(await vault.isLocked())) {
// Do something if vault is not locked
}

Returns: Promise<boolean>

whether the vault is locked

isLockedOutOfBiometrics

Check whether the biometrics are locked on the device

Usage

const bioLockedOut = await vault.isLockedOutOfBiometrics();

Returns: Promise<boolean>

whether biometrics are locked

isPasscodeEnabled

Check if passcode authentication is enabled for the vault

Usage

const passcodeEnabled = await vault.isPasscodeEnabled();

Returns: Promise<boolean>

whether or not the passcode is enabled

isPasscodeSetupNeeded

Check whether or not a passcode needs to be set for the vault using setPasscode

Usage

const passcodeSetupNeeded = await vault.isPasscodeSetupNeeded();

Returns: Promise<boolean>

whether or not the passcode needs to be set

isSecureStorageModeEnabled

Check if AuthMode.SecureStorage is enabled for the vault

Usage

const secureStorageModeEnabled = await vault.isSecureStorageModeEnabled();

Returns: Promise<boolean>

whether or not the secure storage mode is enabled

lock

Lock the vault clearing the contents from memory and requiring biometrics or passcode to unlock

Usage

vault.lock()

Returns: Promise<void>

remainingAttempts

Check how many remaining failed attempts are left until vault clears

Usage

const remainingAttempts = await vault.remainingAttempts();

Returns: Promise<number>

the number of remaining attempts

removeValue

Removes data under the given key.

Usage

vault.removeValue("email");

Throws

VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup

Parameters

NameTypeDescription
keystringthe key to remove the value from

Returns: Promise<void>

setBiometricsEnabled

Enable/Disable Biometric authentication for the vault

Usage

vault.setBiometricsEnabled(true);

Throws

VaultError - if biometrics is unavailable or the vault is locked

Parameters

NameTypeDescription
isBiometricsEnabledbooleanwhether or not biometrics should be enabled

Returns: Promise<void>

setHideScreenOnBackground

Set whether or not the screen will be obscured in app switcher mode

Parameters

NameType
enabledboolean

Returns: Promise<void>

void

setPasscode

Set or Change the passcode for the vault

Usage

vault.setPasscode();

Throws

VaultError - if the vault is locked, passcode is disabled, user canceled pin prompt, or pin was mismatched

Parameters

NameTypeDescription
passcode?stringThe passcode to set. If left null a native dialog will prompt the user to enter it.

Returns: Promise<void>

setPasscodeEnabled

Enable/Disable passcode authentication for the vault

Usage

vault.setPasscodeEnabled(true);

Throws

VaultError - if the vault is locked

Parameters

NameTypeDescription
isPasscodeEnabledbooleanwhether or not passcode should be enabled

Returns: Promise<void>

setSecureStorageModeEnabled

Enable/Disable secure storage mode for the vault. Setting AuthMode.SecureStorage automatically disables passcode and biometric authentication and allows for session values to be stored persistently and securely at rest using the keychain but allowing the user to access the data without authenticating as long as the device is unlocked.

Usage

vault.setSecureStorageModeEnabled(true);

Throws

VaultError - if the vault is locked

Parameters

NameTypeDescription
isSecureStorageModeEnabledbooleanwhether or not secure storage mode should be enabled

Returns: Promise<void>

storeToken

Store a value securely in the token slot. This is equivalent to calling storeValue("token", token).

Usage

vault.storeToken(token);

Throws

VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup

Parameters

NameTypeDescription
tokenanythe value to store in the token slot

Returns: Promise<void>

storeValue

Store data securely under the given key.

Usage

vault.storeValue("email", emailToken);

Throws

VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup

Parameters

NameTypeDescription
keystringthe key to store in the value in
valueanythe value to store

Returns: Promise<void>

unlock

Unlock the vault using either passcode or biometrics

Usage

vault.unlock();

Throws

VaultError - if the vault is locked, the unlock type wasn't enabled, user canceled pin prompt, or pin was mismatched

Parameters

NameTypeDescription
usingPasscode?booleanwhether or not to use passcode to unlock the vault
passcode?stringThe passcode to use. If left null a native dialog will prompt the user to enter it.

Returns: Promise<void>

unsubscribe

Unsubscribe the instance from events about the vault.

Usage

vault.unsubscribe();

Returns: Promise<void>