IdentityVault
The underlying vault API. You can gain direct access to the vault for more advanced usage by using the IdentityVaultUser.getVault method.
Properties
config
The current configuration of the vault will stay current as long as unsubscribe is not called.
Methods
clear
Clear all vault data including stored tokens, values, and passcodes. The vault will be empty and unlocked after this.
Usage
_10vault.clear()
Returns: Promise<void>
getAvailableHardware
Gets the types of biometrics the device supports.
Please note, this method only shows the biometrics the device is capable of, and does not reflect whether the biometric methods are enrolled or enabled.
Traditionally Android has only supported fingerprint biometrics through the SDK. As of Android 10 multiple options are supported. Samsung devices can offer iris and face biometrics that exists outside the scope of the Android SDK. Since there is no official Android SDK support to detect those Samsung features, we attempt to determine their presence based on if the device has the Samsung face or iris biometrics software installed.
Usage
_10const availableHardware = await vault.getAvailableHardware();
Returns: Promise<SupportedBiometricType[]>
the list of biometrics the device supports
getBiometricType
Get the type of biometrics the device supports
Usage
_10const biometricType = await vault.getBiometricType();
this method has been deprecated in favor of getAvailableHardware
Returns: Promise<BiometricType>
the type of biometrics the device supports
getConfig
Get the current configuration of the vault
Usage
_10const config = await vault.getConfig();
Returns: Promise<PluginConfiguration>
the configuration
getKeys
Get all keys with stored values.
Usage
_10const keys = await vault.getKeys();
Throws
VaultError - if vault is locked
Returns: Promise<string[]>
array with all keys
getToken
Get any data stored in the token slot. This is equivalent to calling getValue("token").
Usage
_10const token = await vault.getToken();
Throws
VaultError - if vault is locked
Returns: Promise<any>
token data
getUsername
Get the username associated with the vault
Usage
_10const username = await vault.getUsername();
Returns: Promise<string>
the username for the vault
getValue
Get a value stored under the given key.
Throws
VaultError - if vault is locked
Parameters
| Name | Type | Description |
|---|---|---|
key | string | the key where the value is stored |
Returns: Promise<any>
the value stored at the key
isBiometricsAvailable
Check whether or not biometrics is supported by the device and has been configured by the current user of the device
Usage
_10const biometricsAvailable = await vault.isBiometricsAvailable();
Returns: Promise<boolean>
whether or not biometrics is available
isBiometricsEnabled
Check whether or not biometrics is enabled on the vault
Usage
_10const biometricsEnabled = await vault.isBiometricsEnabled();
Returns: Promise<boolean>
whether or not biometrics is enabled
isBiometricsSupported
Check whether or not biometrics is supported by the device
Usage
_10const biometricsSupported = await vault.isBiometricsSupported();
Returns: Promise<boolean>
whether or not biometrics is supported
isInUse
Check whether the vault has any values stored in it.
Usage
_10const vaultIsInUse = await vault.isInUse();
Returns: Promise<boolean>
whether the vault has stored values
isLocked
Check whether the vault is currently locked
Usage
_10if(!(await vault.isLocked())) {_10 // Do something if vault is not locked_10}
Returns: Promise<boolean>
whether the vault is locked
isLockedOutOfBiometrics
Check whether the biometrics are locked on the device
Usage
_10const bioLockedOut = await vault.isLockedOutOfBiometrics();
Returns: Promise<boolean>
whether biometrics are locked
isPasscodeEnabled
Check if passcode authentication is enabled for the vault
Usage
_10const passcodeEnabled = await vault.isPasscodeEnabled();
Returns: Promise<boolean>
whether or not the passcode is enabled
isPasscodeSetupNeeded
Check whether or not a passcode needs to be set for the vault using setPasscode
Usage
_10const passcodeSetupNeeded = await vault.isPasscodeSetupNeeded();
Returns: Promise<boolean>
whether or not the passcode needs to be set
isSecureStorageModeEnabled
Check if AuthMode.SecureStorage is enabled for the vault
Usage
_10const secureStorageModeEnabled = await vault.isSecureStorageModeEnabled();
Returns: Promise<boolean>
whether or not the secure storage mode is enabled
lock
Lock the vault clearing the contents from memory and requiring biometrics or passcode to unlock
Usage
_10vault.lock()
Returns: Promise<void>
remainingAttempts
Check how many remaining failed attempts are left until vault clears
Usage
_10const remainingAttempts = await vault.remainingAttempts();
Returns: Promise<number>
the number of remaining attempts
removeValue
Removes data under the given key.
Usage
_10vault.removeValue("email");
Throws
VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup
Parameters
| Name | Type | Description |
|---|---|---|
key | string | the key to remove the value from |
Returns: Promise<void>
setBiometricsEnabled
Enable/Disable Biometric authentication for the vault
Usage
_10vault.setBiometricsEnabled(true);
Throws
VaultError - if biometrics is unavailable or the vault is locked
Parameters
| Name | Type | Description |
|---|---|---|
isBiometricsEnabled | boolean | whether or not biometrics should be enabled |
Returns: Promise<void>
setHideScreenOnBackground
Set whether or not the screen will be obscured in app switcher mode
Parameters
| Name | Type |
|---|---|
enabled | boolean |
Returns: Promise<void>
void
setPasscode
Set or Change the passcode for the vault
Usage
_10vault.setPasscode();
Throws
VaultError - if the vault is locked, passcode is disabled, user canceled pin prompt, or pin was mismatched
Parameters
| Name | Type | Description |
|---|---|---|
passcode? | string | The passcode to set. If left null a native dialog will prompt the user to enter it. |
Returns: Promise<void>
setPasscodeEnabled
Enable/Disable passcode authentication for the vault
Usage
_10vault.setPasscodeEnabled(true);
Throws
VaultError - if the vault is locked
Parameters
| Name | Type | Description |
|---|---|---|
isPasscodeEnabled | boolean | whether or not passcode should be enabled |
Returns: Promise<void>
setSecureStorageModeEnabled
Enable/Disable secure storage mode for the vault. Setting AuthMode.SecureStorage automatically disables passcode and biometric authentication and allows for session values to be stored persistently and securely at rest using the keychain but allowing the user to access the data without authenticating as long as the device is unlocked.
Usage
_10vault.setSecureStorageModeEnabled(true);
Throws
VaultError - if the vault is locked
Parameters
| Name | Type | Description |
|---|---|---|
isSecureStorageModeEnabled | boolean | whether or not secure storage mode should be enabled |
Returns: Promise<void>
storeToken
Store a value securely in the token slot. This is equivalent to calling storeValue("token", token).
Usage
_10vault.storeToken(token);
Throws
VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup
Parameters
| Name | Type | Description |
|---|---|---|
token | any | the value to store in the token slot |
Returns: Promise<void>
storeValue
Store data securely under the given key.
Usage
_10vault.storeValue("email", emailToken);
Throws
VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup
Parameters
| Name | Type | Description |
|---|---|---|
key | string | the key to store in the value in |
value | any | the value to store |
Returns: Promise<void>
unlock
Unlock the vault using either passcode or biometrics
Usage
_10vault.unlock();
Throws
VaultError - if the vault is locked, the unlock type wasn't enabled, user canceled pin prompt, or pin was mismatched
Parameters
| Name | Type | Description |
|---|---|---|
usingPasscode? | boolean | whether or not to use passcode to unlock the vault |
passcode? | string | The passcode to use. If left null a native dialog will prompt the user to enter it. |
Returns: Promise<void>
unsubscribe
Unsubscribe the instance from events about the vault.
Usage
_10vault.unsubscribe();
Returns: Promise<void>