A community package that wrapped the Auth0 Guardian SDKs for Android and iOS and provide a convenient api to be use in a Flutter app.
Guardian is Auth0's multi-factor authentication (MFA) service that provides a simple, safe way for you to implement MFA.
Auth0 is an authentication broker that supports social identity providers as well as enterprise identity providers such as Active Directory, LDAP, Google Apps and Salesforce.
This SDK allows you to integrate Auth0's Guardian multi-factor service in your own app, transforming it in the second factor itself. Your users will get all the benefits of our frictionless multi-factor authentication from your app.
Flutter | Android | iOS |
---|---|---|
SDK 3.3.0+ | Android API 23+ | iOS 13+ |
Dart 3.4.3+ | Java 8+ | Swift 5.0+ |
Guardian.swift -> v1.4.2
Guardian.android -> v0.8.0
Add auth0_guardian into your project:
flutter pub add auth0_guardian
To use this SDK you have to configure your tenant's Guardian service with your own push notification credentials, otherwise you would not receive any push notifications. Please read the docs about how to accomplish that.
You'll also have to configure a notification system in your app. (Firebase or other...)
✨ Feature | 📱 Android | 🍏 iOS |
---|---|---|
Enroll device | ✅ | ✅ |
Delete device (un-enroll) | ✅ | ✅ |
Accept request | ✅ | ✅ |
Reject request | ✅ | ✅ |
Update device | ❌ | ✅ |
An implementation example is available here.
You can access the Guardian API using the Guardian class. Here YOUR_DOMAIN is your own configured Auth0 tenant.
final guardian = Guardian(domain: <YOUR_DOMAIN>);
First get an enrollUri using your own way (probably by reading a qr_code). See the official documentation.
You should also pass the notification token to be associated to this device (FCM / APNs).
final EnrolledDevice device = await guardian.enroll(
usingUri: enrollUri,
notificationToken: notificationToken,
);
You should store the device object permanently if you want to keep the ability to update / delete (un-enroll) this device in the future.
💡 Note: Only the id, the deviceToken and the userId and the required fields from EnrolledDevice to store.
When using the enroll method a signing key will be generated to identify this device. For iOS it'll be store in the Keychain, on Android on the KeyStore.
After a successfull enrollment, use your own system (Firebase or other) to catch the incomings notifications.
You can check if a notification payload is coming from Guardian using the isGuardianNotification method.
final isValid = await guardian.isGuardianNotification(message.data!);
Then pass the payload to the acceptRequest method to accept the login.
final bool result = guardian.acceptRequest(notification: payload);
After a successfull enrollment, use your own system (Firebase or other) to catch the incomings notifications.
You can check if a notification payload is coming from Guardian using the isGuardianNotification method.
final isValid = await guardian.isGuardianNotification(message.data!);
Then pass the payload to the rejectRequest method to reject the login.
final bool result = guardian.rejectRequest(notification: payload, reason: <OPTIONAL_REASON>);
To un-enroll a device from your Auth0 tenant.
final bool result = await guardian.deleteDevice(device);
await guardian.updateDevice(
device,
name: <NEW_NAME>,
notificationToken: <NEW_TOKEN>,
localIdentifier: <NEW_LOCAL_IDENTIFIER>,
);
- Adding unit tests 🧪
- Implementing update method for Android.
This project is licensed under the MIT license. See the LICENSE file for more info.