Skip to main content
Version: 4.3

IdentityVault

The underlying vault API. You can gain direct access to the vault for more advanced usage by using the IdentityVaultUser.getVault method.

Properties#

config#

The current configuration of the vault will stay current as long as unsubscribe is not called.

Methods#

clear#

Clear all vault data including stored tokens, values, and passcodes. The vault will be empty and unlocked after this.

Usage#

vault.clear()

Returns: Promise<void>

getAvailableHardware#

Gets the types of biometrics the device supports.

Please note, this method only shows the biometrics the device is capable of, and does not reflect whether the biometric methods are enrolled or enabled.

Traditionally Android has only supported fingerprint biometrics through the SDK. As of Android 10 multiple options are supported. Samsung devices can offer iris and face biometrics that exists outside the scope of the Android SDK. Since there is no official Android SDK support to detect those Samsung features, we attempt to determine their presence based on if the device has the Samsung face or iris biometrics software installed.

Usage#

const availableHardware = await vault.getAvailableHardware();

Returns: Promise<SupportedBiometricType[]>

the list of biometrics the device supports

getBiometricType#

Get the type of biometrics the device supports

Usage#

const biometricType = await vault.getBiometricType();

this method has been deprecated in favor of getAvailableHardware

Returns: Promise<BiometricType>

the type of biometrics the device supports

getConfig#

Get the current configuration of the vault

Usage#

const config = await vault.getConfig();

Returns: Promise<PluginConfiguration>

the configuration

getKeys#

Get all keys with stored values.

Usage#

const keys = await vault.getKeys();

Throws#

VaultError - if vault is locked

Returns: Promise<string[]>

array with all keys

getToken#

Get any data stored in the token slot. This is equivalent to calling getValue("token").

Usage#

const token = await vault.getToken();

Throws#

VaultError - if vault is locked

Returns: Promise<any>

token data

getUsername#

Get the username associated with the vault

Usage#

const username = await vault.getUsername();

Returns: Promise<string>

the username for the vault

getValue#

Get a value stored under the given key.

Throws#

VaultError - if vault is locked

Parameters#

NameTypeDescription
keystringthe key where the value is stored

Returns: Promise<any>

the value stored at the key

isBiometricsAvailable#

Check whether or not biometrics is supported by the device and has been configured by the current user of the device

Usage#

const biometricsAvailable = await vault.isBiometricsAvailable();

Returns: Promise<boolean>

whether or not biometrics is available

isBiometricsEnabled#

Check whether or not biometrics is enabled on the vault

Usage#

const biometricsEnabled = await vault.isBiometricsEnabled();

Returns: Promise<boolean>

whether or not biometrics is enabled

isBiometricsSupported#

Check whether or not biometrics is supported by the device

Usage#

const biometricsSupported = await vault.isBiometricsSupported();

Returns: Promise<boolean>

whether or not biometrics is supported

isInUse#

Check whether the vault has any values stored in it.

Usage#

const vaultIsInUse = await vault.isInUse();

Returns: Promise<boolean>

whether the vault has stored values

isLocked#

Check whether the vault is currently locked

Usage#

if(!(await vault.isLocked())) {
// Do something if vault is not locked
}

Returns: Promise<boolean>

whether the vault is locked

isLockedOutOfBiometrics#

Check whether the biometrics are locked on the device

Usage#

const bioLockedOut = await vault.isLockedOutOfBiometrics();

Returns: Promise<boolean>

whether biometrics are locked

isPasscodeEnabled#

Check if passcode authentication is enabled for the vault

Usage#

const passcodeEnabled = await vault.isPasscodeEnabled();

Returns: Promise<boolean>

whether or not the passcode is enabled

isPasscodeSetupNeeded#

Check whether or not a passcode needs to be set for the vault using setPasscode

Usage#

const passcodeSetupNeeded = await vault.isPasscodeSetupNeeded();

Returns: Promise<boolean>

whether or not the passcode needs to be set

isSecureStorageModeEnabled#

Check if AuthMode.SecureStorage is enabled for the vault

Usage#

const secureStorageModeEnabled = await vault.isSecureStorageModeEnabled();

Returns: Promise<boolean>

whether or not the secure storage mode is enabled

lock#

Lock the vault clearing the contents from memory and requiring biometrics or passcode to unlock

Usage#

vault.lock()

Returns: Promise<void>

remainingAttempts#

Check how many remaining failed attempts are left until vault clears

Usage#

const remainingAttempts = await vault.remainingAttempts();

Returns: Promise<number>

the number of remaining attempts

removeValue#

Removes data under the given key.

Usage#

vault.removeValue("email");

Throws#

VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup

Parameters#

NameTypeDescription
keystringthe key to remove the value from

Returns: Promise<void>

setBiometricsEnabled#

Enable/Disable Biometric authentication for the vault

Usage#

vault.setBiometricsEnabled(true);

Throws#

VaultError - if biometrics is unavailable or the vault is locked

Parameters#

NameTypeDescription
isBiometricsEnabledbooleanwhether or not biometrics should be enabled

Returns: Promise<void>

setHideScreenOnBackground#

Set whether or not the screen will be obscured in app switcher mode

Parameters#

NameType
enabledboolean

Returns: Promise<void>

void

setPasscode#

Set or Change the passcode for the vault

Usage#

vault.setPasscode();

Throws#

VaultError - if the vault is locked, passcode is disabled, user canceled pin prompt, or pin was mismatched

Parameters#

NameTypeDescription
passcode?stringThe passcode to set. If left null a native dialog will prompt the user to enter it.

Returns: Promise<void>

setPasscodeEnabled#

Enable/Disable passcode authentication for the vault

Usage#

vault.setPasscodeEnabled(true);

Throws#

VaultError - if the vault is locked

Parameters#

NameTypeDescription
isPasscodeEnabledbooleanwhether or not passcode should be enabled

Returns: Promise<void>

setSecureStorageModeEnabled#

Enable/Disable secure storage mode for the vault. Setting AuthMode.SecureStorage automatically disables passcode and biometric authentication and allows for session values to be stored persistently and securely at rest using the keychain but allowing the user to access the data without authenticating as long as the device is unlocked.

Usage#

vault.setSecureStorageModeEnabled(true);

Throws#

VaultError - if the vault is locked

Parameters#

NameTypeDescription
isSecureStorageModeEnabledbooleanwhether or not secure storage mode should be enabled

Returns: Promise<void>

storeToken#

Store a value securely in the token slot. This is equivalent to calling storeValue("token", token).

Usage#

vault.storeToken(token);

Throws#

VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup

Parameters#

NameTypeDescription
tokenanythe value to store in the token slot

Returns: Promise<void>

storeValue#

Store data securely under the given key.

Usage#

vault.storeValue("email", emailToken);

Throws#

VaultError - if vault is locked, or if passcode is enabled but passcode has not been setup

Parameters#

NameTypeDescription
keystringthe key to store in the value in
valueanythe value to store

Returns: Promise<void>

unlock#

Unlock the vault using either passcode or biometrics

Usage#

vault.unlock();

Throws#

VaultError - if the vault is locked, the unlock type wasn't enabled, user canceled pin prompt, or pin was mismatched

Parameters#

NameTypeDescription
usingPasscode?booleanwhether or not to use passcode to unlock the vault
passcode?stringThe passcode to use. If left null a native dialog will prompt the user to enter it.

Returns: Promise<void>

unsubscribe#

Unsubscribe the instance from events about the vault.

Usage#

vault.unsubscribe();

Returns: Promise<void>