Before you start

Before you begin integrating the SDKs, ensure the following are in place:

✅ You have an active integration project with Aera

✅ You have received required credentials, see Credentials section below

✅ You have whitelisted your app for Secure ID onboarding, see Whitelisting section

✅ Your team has access to the required files in Sharepoint, see Files section below

✅ You have a working Mobile App set up

Credentials

The Wallets SDK is installed in your Mobile App. This App needs secure communication with your Mobile App Backend. Your Mobile Backend needs secure communication with Aera. See Aera Wallet API for Aera backend integration.

Whitelisting

Whitelisting for integrity checks

Aera Secure ID utilize Play Integrity and AppAttest in order to detect repackaged applications. Ensure your App ID is whitelisted by Aera in staging and production by providing Aera with the following information:

iOS: Team and bundle ID.
- Example: teamId.my.domain.myapp
Android: Package name.
- Example: my.domain.myapp

Whitelisting for deeplinking

Aera Secure ID utilize Auth Tab and ASWebAuthenticationSession. For identity providers requiring app switch/deeplinking, the Mobile App (also separating builds types like debug and release) must be whitelisted in order to receive the deeplink correctly during identity provider redirect. Ensure your Mobile Apps are whitelisted by Aera in staging and production by providing Aera with the following information:

iOS:
- Team and bundle ID(s).
  - Example: teamId.my.domain.myapp
  - If multiple builds/apps, like debug and staging, make sure to whitelist them as well to ensure the correct app is selected, e.g. teamId.my.domain.myapp and teamId.my.domain.myapp.debug
- The respective App name(s)
  - Example: myapp and myapp-debug
Android:
- Package name.
  - Example: my.domain.myapp
  - If multiple builds/apps, like debug and staging, make sure to whitelist them as well to ensure the correct app is selected, e.g. my.domain.myapp and my.domain.myapp.debug
- The respective SHA-256 Certificate Fingerprints

Generate the SHA-256 Certificate Fingerprint

Debug Key: Run
$ keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android
Release Key: Use the signature from the Google Play Console under Release > Setup > App Signing.

For implementation details on how to enable and receive deeplinks, see Secure ID section.

Files

The following files are needed in order to setup the Wallets SDK in your Mobile App.

Android

Description	Name	Usage	Location
Secure ID- and Wallets SDK releases	aeraWalletsSDK-debug.aar AeraSdk-androidx-release-TEST-signed.aar	Using the SDK	Sharepoint
Aera Public key	staging.public.play.aera.pem	Setting up Google Play Integrity API	Sharepoint
Secure ID- and Wallets Public keystores	android-wallets-sdk-keystore-debug-public.p12 aarsign-public-debug.keystore	Verifying SDK release integrity	Sharepoint

Description

Name

Usage

Location

Secure ID- and Wallets SDK releases

aeraWalletsSDK-debug.aar

AeraSdk-androidx-release-TEST-signed.aar

Using the SDK

Sharepoint

Aera Public key

staging.public.play.aera.pem

Setting up

Google Play Integrity API

Sharepoint

Secure ID- and Wallets Public keystores

android-wallets-sdk-keystore-debug-public.p12

aarsign-public-debug.keystore

Verifying SDK release integrity

Sharepoint

iOS

Description	Name	Usage	Location
Secure ID- and Wallets SDK releases	aerawalletssdk.framework Aera.xcframework.test.xcframework	Using the SDK	Sharepoint