Learn About Authenticating an Android Mobile App with Oracle Identity Cloud Service
Oracle Identity Cloud Service provides identity management, single sign-on, and identity governance for your applications. It also provides the security platform for Oracle Cloud, which lets you securely and easily access, develop, and deploy your applications. Oracle Identity Cloud Service can function as an identity provider, to centralize the authentication mechanism, handle all password management responsibilities, and provide single sign-on for your applications.
Architecture
The following architecture diagram shows how an Android mobile application uses the SDK for Android Applications to perform OpenID Connect authentication with Oracle Identity Cloud Service, based on the authorization code grant type.
The authorization code grant type consists of the following steps:
- The user opens the app on a mobile device.
- The app uses the SDK for Android Applications to access Oracle Identity Cloud Service and get information about the authentication method.
- The app forwards control to a mobile browser to authenticate with Oracle Identity Cloud Service.
- Oracle Identity Cloud Service sends the sign-in page, and the user submits credentials for validation. After the OpenID Connect authentication flow ends, Oracle Identity Cloud Service issues a token.
- The mobile browser forwards control to the mobile app, and then closes.
- The mobile app receives the issued token and uses the SDK to display user information on the mobile device.
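The browser hand-off in steps 3 and 5 is where an app has to tie the returning redirect to the request it started. The following is an added example in plain Java, not code from Oracle's sample app or SDK: the endpoint host, client ID and redirect URI are placeholders, and the class and method names are hypothetical. It sends a random `state` value with the authorization request and accepts the authorization code from the redirect only when the same `state` comes back.

```java
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;

public class AuthCodeRedirectCheck {
    // Placeholders (assumptions): use the values registered for your own app.
    static final String AUTHORIZE_ENDPOINT = "https://idcs-tenant.example/oauth2/v1/authorize";
    static final String CLIENT_ID = "example-client-id";
    static final String REDIRECT_URI = "com.example.app://callback";

    // Step 3: unguessable state, kept by the app until the browser returns.
    static String newState() {
        byte[] b = new byte[32];
        new SecureRandom().nextBytes(b);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(b);
    }
    static URI authorizationRequest(String state) {
        return URI.create(AUTHORIZE_ENDPOINT + "?response_type=code&scope=openid"
                + "&client_id=" + enc(CLIENT_ID) + "&redirect_uri=" + enc(REDIRECT_URI)
                + "&state=" + enc(state));
    }
    // Step 5: accept the redirect only if it answers the request this app started.
    static String codeFromRedirect(URI redirect, String expectedState) {
        Map<String, String> q = new HashMap<>();
        String raw = redirect.getRawQuery() == null ? "" : redirect.getRawQuery();
        for (String pair : raw.split("&")) {
            String[] kv = pair.split("=", 2);
            if (kv.length == 2) q.put(dec(kv[0]), dec(kv[1]));
        }
        if (q.containsKey("error")) throw new SecurityException("sign-in failed: " + q.get("error"));
        byte[] got = q.getOrDefault("state", "").getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(got, expectedState.getBytes(StandardCharsets.UTF_8)))
            throw new SecurityException("state mismatch");
        String code = q.get("code");
        if (code == null || code.isEmpty()) throw new SecurityException("no authorization code");
        return code;
    }
    static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }
    static String dec(String s) { return URLDecoder.decode(s, StandardCharsets.UTF_8); }
    public static void main(String[] args) {
        String state = newState();
        System.out.println(authorizationRequest(state));
        // Constructed redirects: a forged state is rejected, the genuine one yields the code.
        try { codeFromRedirect(URI.create(REDIRECT_URI + "?code=abc&state=forged"), state); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
        System.out.println(codeFromRedirect(URI.create(REDIRECT_URI + "?code=abc&state=" + state), state));
    }
}
```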
About the Sample Android Mobile Apps
To help you understand how to use the SDK for Android Applications, you can use a sample Android mobile application as a reference.
Instead of creating a mobile application from scratch, Oracle provides a sample application that you can integrate with Oracle Identity Cloud Service for authentication.
- Web-views that are publicly accessible
- Private web-views that verify the existence of an Oracle Identity Cloud Service user access token, in the session that the user has with the application
The sample application was developed using Gradle. Gradle automatically downloads the appropriate libraries and builds the application.
You should not use the sample application for production purposes. It doesn't adhere to Android best practices in areas such as data handling, patterns, and security. The sole purpose of the sample application is to recommend an approach to integrate Oracle Identity Cloud Service with a custom application by using the SDK for Android Applications.
Before You Begin
Before you begin development of your Android mobile applications, ensure you have read these related design solutions:
About Required Services and Roles
An Oracle Identity Cloud Service administrator must be able to access the Oracle Identity Cloud Service console.
You must have the following roles:
Role | Required to... |
---|---|
User administrator | Create users, create groups, and assign groups to users. |
Security administrator | Access the Downloads page of the Oracle Identity Cloud Service console. From this page, you can download the SDK. |
Application administrator | Manage applications in Oracle Identity Cloud Service, which includes registering the sample mobile app with Oracle Identity Cloud Service. |
See Learn how to get Oracle Cloud services for Oracle Solutions.