HomeGuidesAPI ReferenceChangelog
Log InChangelog
Guides
Changelog

Aera Secure ID

Ensure the Mobile App can receive and communicate deeplinks during onboarding

About

The Wallets SDK utilize the Secure ID SDK, and the Mobile App does not communicate with it directly. However, during onboarding, some identity providers require app switch/deeplinking during the OAuth flow. To ensure the Mobile App can recieve Secure ID App links/Universal links correctly during onboarding, and communicate the result to the Aera Secure ID SDK, the following must be implemented.

โš ๏ธ Not yet available for Production

Prerequisites

Ensure all prerequisites, including the whitelisting, has been done. See "Prerequisites" section.

Common

A deeplink will be triggered during onboarding for some identity providers requiring app switch. To ensure the correct redirectUri is provided to the identity provider to deeplink into the correct app after authentication, the Mobile App needs to provide the url to the Wallets SDK on "getOpenWalletUrl" and "deleteWallet". See "Definitions" section for more information.

Example:

let debugRedirectUri = "https://sid-staging.aerahost.com/sid/callback/myAppName-debug"
let stagingRedirectUri = "https://sid-staging.aerahost.com/sid/callback/myAppName"
let prodRedirectUri = "https://sid.aerahost.com/sid/callback/myAppName" // Not yet available

// Send correct authRedirectUri to getOpenWalletUrl/deleteWallet based on current app build

Android

  1. Ensure your app has been whitelisted by Aera. The app information should be visible under Aera Secure ID assetlinks.json:
    https://sid-staging.aerahost.com/.well-known/assetlinks.json
  2. Implement the Activity and Intent used by Aera Secure ID SDK in your Mobile App's AndroidManifest.xml 
    <activity 
  android:name="com.aerahost.aerawalletssdk.external.InitActivity" 
  android:exported="true"
>
  <intent-filter android:autoVerify="true">
    <action android:name="android.intent.action.VIEW" />
    <category android:name="android.intent.category.DEFAULT" />
    <category android:name="android.intent.category.BROWSABLE" />
    <data android:scheme="https" />
    <data android:host="sid-staging.aerahost.com" />
    <data android:pathPattern="/wallets/callback/YOUR-STAGING-APP-NAME-1" /> // e.g. myAppName-debug
  </intent-filter>
	<intent-filter android:autoVerify="true">
    <action android:name="android.intent.action.VIEW" />
    <category android:name="android.intent.category.DEFAULT" />
    <category android:name="android.intent.category.BROWSABLE" />
    <data android:scheme="https" />
    <data android:host="sid-staging.aerahost.com" />
    <data android:pathPattern="/wallets/callback/YOUR-STAGING-APP-NAME-2" /> // e.g. myAppName
  </intent-filter>
  <intent-filter android:autoVerify="true">
    <action android:name="android.intent.action.VIEW" />
    <category android:name="android.intent.category.DEFAULT" />
    <category android:name="android.intent.category.BROWSABLE" />
    <data android:scheme="https" />
    <data android:host="sid.aerahost.com" /> // Production host. NOT YET AVAILABLE
    <data android:pathPattern="/wallets/callback/YOUR-PRODUCTION-APP-NAME" /> // e.g. myAppName
  </intent-filter>
</activity>
    Implement the correct number of intent-filters based on the number of apps (e.g. 2 if debug and release), providing different app names to redirect to the correct app where multiple are installed on the same device

Read more about Android deeplinking here: https://developer.android.com/training/app-links

๐Ÿ‘‹ iOS

  1. Ensure your app has been whitelisted by Aera. The app information should be visible under Aera Secure ID apple-app-site-association:
    https://sid-staging.aerahost.com/.well-known/apple-app-site-association
  2. To be able to use Associated Domains, the capability must be added to your App Identifier in the Apple Developer Portal.
  3. Add the "Associated Domains" capability for your app target under target > Signing & Capabilities. Remember to add for all configurations.
    1. applinks:sid-staging.aerahost.com
    2. webcredentials:sid-staging.aerahost.com
    3. Production is not yet available, but would use
      1. applinks:sid.aerahost.com
      2. webcredentials:sid.aerahost.com
  4. In your native iOS App code, implement the two Wallets SDK methods "setAuthCallbackAppName" and "handleDeeplink" to communicate with Secure ID SDK 
    @main
struct myApp: App {
    
    // ...
    
  init(){
    		let debugAppName = "myAppName-debug"
  			let stagingAppName = "myAppName"
  			let prodAppName = "myAppName" 

        AeraWalletsSDK.shared.setAuthCallbackAppName(name: "myAppName")
    }

    var body: some Scene {
        WindowGroup {
            MyContent()
            .onOpenURL { url in
                AeraWalletsSDK.shared.handleDeeplink(url: url)
            }
						.onContinueUserActivity(NSUserActivityTypeBrowsingWeb) { activity in // ๐Ÿ‘ˆ
                guard let url = activity.webpageURL else { return }
                _ = AeraWalletsSDK.shared.handleDeeplink(url: url)
            }

        }
    }
}
    handleDeeplink checks if the callback is for Secure ID. If not, it tries to close the Wallets SDK system browser (if opened earlier by openURL method). If other deeplinks are used by the Mobile App, ensure to call it only when relevant.

Read more about iOS deeplinking here: https://developer.apple.com/documentation/xcode/allowing-apps-and-websites-to-link-to-your-content/

Known limitations

Some older Samsung Devices does not enable deeplinking by default.

To be able to open deeplinks with the app, the consumer must go to settings for the app and allow opening deeplinks in their app.


Updated about 21 hours ago