Skip to content

Commit

Permalink
Merge branch 'FusionAuth:main' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
@NoOneSpecialCodes
NoOneSpecialCodes authored Jun 18, 2024
2 parents 92c2c6f + 63d5524 commit 4bca09a
Show file tree
Hide file tree
Showing 7 changed files with 372 additions and 22 deletions.
Binary file added astro/public/img/blogs/android-sdk-beta/our-beta-android-sdk.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
104 changes: 104 additions & 0 deletions astro/src/content/blog/android-sdk-beta.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
---
publish_date: 2024-06-17
title: Our Beta Android SDK
description: Android SDK makes integrating with FusionAuth easier
authors: Colin Frick, Aaron Ritter
excerpt_separator: "{/* more */}"
image: /img/blogs/android-sdk-beta/our-beta-android-sdk.png
categories: Product
tags: sdks, android, kotlin
---
import RemoteContent from 'src/components/RemoteContent.astro';

FusionAuth's new beta SDK streamlines mobile development for iOS and Android, offering powerful backend capabilities and seamless integration with your preferred frameworks.

{/* more */}

Recently, the team released a software development kit (SDK) Beta for [Android](/docs/sdks/android-sdk) which eliminates boilerplate code, leading to cleaner and more efficient applications.

## The Android SDK

The FusionAuth Android SDK aims to provide a simple and trustworthy interface to authenticate mobile users with FusionAuth.

<RemoteContent url="https://raw.githubusercontent.com/FusionAuth/fusionauth-android-sdk/main/README.md"
tags="forDocSiteOverview" />

### Difference to AppAuth

For OAuth 2.0 authentication, the Authentication Manager uses [AppAuth](https://appauth.io/) to handle the authentication flow. AppAuth is an open-source library that provides a simple interface for authenticating users with OAuth 2.0. It's available for [Android](https://github.com/openid/AppAuth-Android) and [iOS](https://github.com/openid/AppAuth-iOS).

Using AppAuth directly might seem a good idea because it grants more control over the implementation, but there are compelling reasons to use the FusionAuth Android SDK instead.

1. **Simplified Authentication Flow**: The SDK simplifies the process of authenticating users with FusionAuth by providing a simple interface.

2. **Standardized Usage**: The SDK introduces standardized usage with the introduction of the Authorization Manager.

3. **Security**: The SDK handles best practice defaults in the Authorization Configuration.

4. **Time-Saving**: The SDK handles all dependencies and best practice defaults for you.

5. **Maintainability**: The SDK gives us the flexibility to add additional functionality without having to feature creep the AppAuth library, or implement features early until they get added to AppAuth.

### Getting Started

To simplify the experience, our primary goal was to introduce a minimum effort from the start. With a single import and a simple as possible configuration, which handles all dependencies and best practice defaults for you through the [Authorization Configuration](https://github.com/FusionAuth/fusionauth-android-sdk/blob/main/library/docs/library/io.fusionauth.mobilesdk/-authorization-configuration/index.md).

<RemoteContent url="https://raw.githubusercontent.com/FusionAuth/fusionauth-android-sdk/main/README.md"
tags="forDocSiteGettingStarted" />

### Usage

Our secondary goal with the SDK was the standardization of the usage with, for example, the introduction of the [Authorization Manager](https://github.com/FusionAuth/fusionauth-android-sdk/blob/main/library/docs/library/io.fusionauth.mobilesdk/-authorization-manager/index.md).

<RemoteContent url="https://raw.githubusercontent.com/FusionAuth/fusionauth-android-sdk/main/README.md"
tags="forDocSiteUsage" />

### Security

With the simplified start in the [Authorization Configuration](https://github.com/FusionAuth/fusionauth-android-sdk/blob/main/library/docs/library/io.fusionauth.mobilesdk/-authorization-configuration/index.md) and standardized usage in the [Authorization Manager](https://github.com/FusionAuth/fusionauth-android-sdk/blob/main/library/docs/library/io.fusionauth.mobilesdk/-authorization-manager/index.md) we now took care of best practice defaults. as well as handling token storage, refresh, and retrieval in the [Token Manager](https://github.com/FusionAuth/fusionauth-android-sdk/blob/main/library/docs/library/io.fusionauth.mobilesdk/-token-manager/index.md).

What we didn't want to change is the AppAuth authentication flow through a browser redirect. When using a browser redirect to the SSO URL, the only application that sees or holds sensitive user credentials is FusionAuth. Your application code never has access to these, which decreases the attack surface area.

In addition, FusionAuth has built-in security features such as:

* the ability to lock user accounts
* password rules
* webhook notifications when a user has failed to login
* breached password notification (with a paid license)
* rate limiting of sensitive security-related actions (with an Enterprise license)
* and more

[FusionAuth takes security seriously](/security); it's our full-time job. By redirecting to FusionAuth, you don't have to worry about any other part of your application getting access to sensitive information or credentials.

### Look and Feel

Do you typically want your login pages to look like your Mobile App? Doesn't a browser redirect make that difficult?

No, FusionAuth allows complete control over the look and feel of the hosted login pages. Learn more about this functionality, which we call [themes](/docs/customize/look-and-feel/), including an [example using Tailwind CSS](/docs/customize/look-and-feel/tailwind).

Being able to make the look and feel the same as your mobile app if your users use the same SSO page design for other use cases, e.g., your online store or portal. It will create more trust because the experience (including design, SSO URL, and authentication process) will be the same on mobile as anywhere else.

### Example

We've built an App for [ChangeBank](https://www.youtube.com/watch?v=CXDxNCzUspM), a global leader in converting dollars into coins.

<RemoteContent url="https://raw.githubusercontent.com/FusionAuth/fusionauth-android-sdk/main/README.md"
tags="forDocSiteExampleApp" />

<RemoteContent url="https://raw.githubusercontent.com/FusionAuth/fusionauth-android-sdk/main/README.md"
tags="forDocSiteQuickstart" />

## In Conclusion

With the introduction of the FusionAuth Android SDK Beta, we're eager to finalize the development into a final release and are looking forward to doing this with your feedback.

Especially as the SDK is set to standardize and secure your authorization processes in your mobile application development. We're interested to see if it helps your development, whether you're getting started or looking for a way to standardize and secure your authorization processes in your Android App.

## More details on the SDK and collaboration

We created detailed documentation of the SDK and made it available in the [GitHub repository](https://github.com/FusionAuth/fusionauth-android-sdk/) of the SDK.

<RemoteContent url="https://raw.githubusercontent.com/FusionAuth/fusionauth-android-sdk/main/README.md"
tags="forDocSiteDocumentation" />

In there, you will find as well how you can [contribute](https://github.com/FusionAuth/fusionauth-android-sdk/?tab=readme-ov-file#contributing) further in the development of the FusionAuth Android SDK.
50 changes: 37 additions & 13 deletions astro/src/content/docs/apis/system.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -261,27 +261,51 @@ FusionAuth also supports a system status check [using Prometheus](/docs/operate/
### Response
The JSON response from the Status API is complex and subject to change. The only exception is the `version` key.

`version` will not change and will be returned as below. As a reminder, an API key is required to obtain this value unless explicitly allowed from `localhost`.
```javascript
The `version` key will not change and will be returned as below. As a reminder, an API key is required to obtain this value unless explicitly allowed from `localhost`.
```json
{
{/* .. */}
"version": "1.26.1"
{/* .. */}
"version": "1.26.1"
}
```

The specific contents of the JSON body are not documented here. If you choose to use this API for monitoring purposes you should primarily use the response code to indicate server health. If you receive a `200` you may consider FusionAuth in a healthy state. The response body is intended for use by FusionAuth support.

_Response Codes_

| Code | Description |
|------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 200 | The FusionAuth is functioning properly |
| 452 | The FusionAuth is failing to make a JDBC connection to the configured database. |
| 453 | The FusionAuth database connection pool connectivity is below the healthy threshold. Additional information may be available in the JSON response which is retrieved when using an API key. |
| 454 | The FusionAuth database connectivity pool connectivity is below the healthy threshold. Additional information may be available in the JSON response which is retrieved when using an API key. |
| 460 | FusionAuth is using Elasticsearch and the search service is reporting an unhealthy cluster status. In a cluster with 2+ nodes, this means the cluster status is being reported as `yellow` or `red`. In a single-node Elasticsearch configuration this means the cluster status is `red.` |
| 500 | The FusionAuth server is not functioning properly. This could indicate that the database connectivity failed or one or more services within FusionAuth failed. Consult the FusionAuth [Troubleshooting](/docs/operate/troubleshooting/troubleshooting) to learn more about the failure or contact FusionAuth support for assistance. |
| Code | Description |
|------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 200 | FusionAuth is functioning properly |
| 452 | FusionAuth is failing to make a JDBC connection to the configured database. |
| 453 | The FusionAuth database connection pool connectivity is below the healthy threshold. This means requests are waiting too long to obtain a connection to the database. Additional information may be available in the JSON response which is retrieved when using an API key. |
| 454 | The FusionAuth database connection pool connectivity is below the healthy threshold. Additional information may be available in the JSON response which is retrieved when using an API key.<br/><br/> As of version `1.51.1` this status code will no longer be returned based upon the connectivity health check. In practice you only need to monitor for `452` to ensure FusionAuth is able to connect to the database. |
| 460 | FusionAuth is using Elasticsearch and the search service is reporting an unhealthy cluster status. In a cluster with 2+ nodes, this means the cluster status is being reported as `yellow` or `red`. In a single-node Elasticsearch configuration this means the cluster status is `red.`<br/><br/> As of version `1.51.1` this status code will no longer be returned based upon the Elasticsearch health check. If you are using an external Elasticsearch or OpenSearch service, you will want to monitor that separately from FusionAuth. |
| 500 | FusionAuth is not functioning properly. This could indicate that the database connectivity failed or one or more services within FusionAuth failed. Consult the FusionAuth [Troubleshooting](/docs/operate/troubleshooting/troubleshooting) to learn more about the failure or contact FusionAuth support for assistance. |

## Retrieve System Health

<Aside type="version">
This API has been available since 1.51.1
</Aside>

The Health API is used to monitor the health of the FusionAuth service. This endpoint is specifically intended for use by a load balancer to understand when FusionAUth is available, live and ready for requests. Prefer this endpoint to the Status API when using it for a load balancer or a Kubernetes readiness check.

This API does not require an API key.

### Request

<API method="GET" uri="/api/health" authentication={["none"]} title="Return the system health"/>

### Response

This API does not return a JSON response body.

_Response Codes_

| Code | Description |
|------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 200 | FusionAuth is functioning properly and can accept requests. |
| 500 | FusionAuth is not functioning properly. This will generally indicate that FusionAuth is not able to communicate with the database or complete I/O operations. |


## Retrieve System Version

Expand Down
Loading

0 comments on commit 4bca09a

Please sign in to comment.