Smart Lock for Passwords in Android app

Smart Lock for Passwords is a part of Google Identity Platform. With Smart Lock for Passwords, you get frictionless sign-in and sign-up into apps on Android and sites in Chrome with any account. Users will get automatically signed in across devices. In turn, you reduce the risk of forgotten user passwords and missed conversion opportunities when users get frustrated trying to sign in or move on to another activity. Once your user saves a password to Smart Lock, they can skip entering their credentials on all of their Chrome and Android devices.

Smart Lock for Passwords in Android

To integrate Smart Lock for Passwords into your Android app, you must add calls to the Credentials API to your app’s start-up and sign-in flow. The following diagram shows the flow of a typical Android app that uses Smart Lock for Passwords. While there are many ways to successfully integrate Smart Lock for Passwords, and the specifics of an integration depend on the structure and user experience of the app, the following flow is recommended for most apps. Apps that use this flow have these user experience advantages:

  • Existing users of your service that have a single credential saved are immediately signed in, and they will go directly to the signed-in view when they open the app.
  • Users that have multiple credentials saved or that have disabled automatic sign-in need to respond to only one dialog before they go to the app’s signed-in view.
  • Optional: Users that have no saved credentials or haven’t signed up yet can pick their name and email with a single tap and be intelligently sent to either the sign-in or sign-up view, with this information pre-filled.
  • When users sign out, the app ensures they are not automatically signed back in.

[Diagram: Smart Lock for Passwords flow]

Retrieve credentials

  1. When the app starts, if no user is already signed in, call CredentialsApi.request().
  2. If getStatus().isSuccess() returns true, get the user’s credentials with getCredential() and use them to sign in.
  3. If getStatus().isSuccess() returns false and getStatusCode() returns RESOLUTION_REQUIRED, user input is required to pick a credential. Call startResolutionForResult() to prompt the user to select a saved account, then call getParcelableExtra(Credential.EXTRA_KEY) to get the user’s credentials and use them to sign in.

Save credentials

  1. If getStatus().isSuccess() returns false and getStatusCode() returns SIGN_IN_REQUIRED, the user has no saved credentials and must sign in or sign up manually using your current sign-in or sign-up flow. After the user successfully completes sign in, you can provide an opportunity for the user to save their credentials for future retrieval.

Optionally, you can help the user sign in or sign up faster and more easily by retrieving sign-in hints, such as the user’s email address. The user can select the hint and skip typing their credentials. If your app requires users to sign in, you might choose to retrieve hints immediately after the initial credentials request fails (otherwise, you can wait until the user starts the sign-in or sign-up flow).

  • Call startResolutionForResult() to prompt the user to select an account, then call getParcelableExtra(Credential.EXTRA_KEY) to get the sign-in hint.
  • If the user ID of the hint matches an existing user, pre-fill the sign-in form with it and let the user enter the password to sign in.
  • If the user ID of the hint doesn’t match an existing user, pre-fill the sign-up form with the user’s ID and name, and let the user create a new account.

  • After the user successfully signs in or creates an account, save the user ID and password with CredentialsApi.save().

Sign out

  1. When the user signs out, call CredentialsApi.disableAutoSignIn() to prevent the user from being immediately signed back in.