Step 2. Integrating PingOne Protect DaVinci flows in Android
PingOne Android
Integrating your application with PingOne Protect enables you to perform risk evaluations during your customer’s authentication flow.
Initializing PingOne Protect data collection manually
The earlier you can initialize data collection, the more data it can collect to make a risk evaluation.
Rather than wait to receive a ProtectCollector from the server, you can initialize PingOne Protect data collection in your client app, providing your own configuration settings.
There are two main methods for early initialization of PingOne Protect data collection on the client:
Direct initialization using the Protect interface
The DaVinci Client allows you to initialize data collection directly using the Protect interface. This provides maximum flexibility in how the collection operates.
To directly initialize data collection using the Protect interface, complete these steps:
-
Add a configuration object to your code that defines the property values for data collection.
The available properties are as follows:
Parameter Description envIDRequired. Your PingOne environment identifier.
For example,
3072206d-c6ce-ch15-m0nd-f87e972c7cc3deviceAttributesToIgnoreOptional. A list of device attributes to ignore when collecting device signals.
For example,
AUDIO_OUTPUT_DEVICESorIS_ACCEPT_COOKIES.isBehavioralDataCollectionWhen
true, collect behavioral data.Default is
true.isConsoleLogEnabledWhen
true, output SDK log messages in the developer console.Default is
false.isLazyMetadataWhen
true, calculate metadata on demand rather than automatically after callingstart.Default is
false.customHostOptional. Specify a custom host for the Protect API, which can be useful in specific deployment scenarios.
Example code:
Protect.config { isBehavioralDataCollection = true isLazyMetadata = true envId = "3072206d-c6ce-ch15-m0nd-f87e972c7cc3" deviceAttributesToIgnore = listOf("deviceId", "androidId", "serialNumber") isConsoleLogEnabled = true } -
Call the
initialize()function to start the data collection using the configuration object:Protect.initialize() Log.d("Protect", "Protect data collection initialized.")
Use the ProtectLifecycle module for Android
The DaVinci Client for Android provides the ProtectLifecycle module for simplifying the management of data collection.
As a DaVinci Client module, it is aware of the current state of authentication, and can automatically pause and resume behavioral data collection when required.
Configure the ProtectLifecycle module in your DaVinci Client configuration, as with other modules.
The available properties are as follows:
| Parameter | Description |
|---|---|
|
Required. Your PingOne environment identifier. For example, |
|
Optional. A list of device attributes to ignore when collecting device signals. For example, |
|
When Default is |
|
When Default is |
|
When Default is |
|
Optional. Specify a custom host for the Protect API, which can be useful in specific deployment scenarios. |
|
When Default is |
|
When |
Example code:
DaVinci {
timeout = 30
module(Oidc) {
clientId = "dummy"
// ... Other OIDC configuration
}
module(ProtectLifecycle) {
isBehavioralDataCollection = true
isLazyMetadata = true
envId = "3072206d-c6ce-ch15-m0nd-f87e972c7cc3"
deviceAttributesToIgnore = listOf("deviceId")
isConsoleLogEnabled = true
pauseBehavioralDataOnSuccess = true
resumeBehavioralDataOnStart = true
}
}Pausing and resuming behavioral data capture
Part of the data collection includes collecting behavioral data, such as how the user interacts with the app, to help when performing evaluations.
There are scenarios where you might want to pause the collection of behavioral data:
-
To reduce memory and processor utilization. Continuously collecting behavioral data beyond authentication could reduce the performance of your client app.
-
You only want to consider device attribute data when performing PingOne Protect evaluations.
You can pause, and also resume behavioral data collection if required.
The SDKs provide the pauseBehavioralData() and resumeBehavioralData() methods for manually pausing and resuming the capture of behavioral data:
Protect.pauseBehavioralData() // Pause data collection.
Protect.resumeBehavioralData() // Resume data collection.Returning data to a DaVinci flow for risk evaluation
To perform risk evaluations, the PingOne server requires you to return metadata and optionally behavioural data from the client.
On receipt of ProtectCollector, use the collect() method to collect the required data,and populate the response ready to return to the server.
|
If you haven’t already initialized PingOne Protect data collection on the client, the This method of initializing PingOne Protect data collection means that you can alter collection settings on the server without having to recompile your client apps. However, initializing and returning PingOne Protect data in the same step reduces the amount of behavioural data your client can collect. |
When the data is successfully collected, call node.next() to submit the data back to the server for evaluation:
node.collectors.forEach {
when (it) {
is ProtectCollector -> {
when (val result = it.collect()) {
is Success -> {
// Data collection successful: Proceed to the next node in the DaVinci flow.
node.next()
}
is Failure -> {
// Data collection failed: Implement robust error handling.
// Example: Log the error, display an informative message, or implement a retry mechanism.
}
}
}
// ... Handle other collector types
}
}