Authentication

The AppStudio AppFramework provides an Authentication plug-in that authenticates users through their biometric signature on supported devices. You can use this in conjunction with secure storage to store and access credentials, tokens, or any sensitive information. To use this functionality, you first need to include the following import statement:

1
import ArcGIS.AppFramework.Authentication 1.0

For an example of this functionality, see the sample app available in ArcGIS AppStudio or in the AppStudio samples GitHub repository.

Biometric authenticator

The BiometricAuthenticator component supports authentication via fingerprint scan on iOS, macOS, Android, and Windows platforms, as well as face ID on iPhone 10 and later. To use this capability, your app must have Biometric Authentication enabled, which can be done in Settings > Capabilities.

To use fingerprint authentication, the user's device must have a built-in fingerprint sensor or portable reader to have this capability enabled on their device, and their fingerprints must be enrolled in their device. The following code sample uses the supported , activated , and errorMessage properties to display whether this functionality is supported. If the authenticator can't be used, an error message appears.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Text {
    id: supportCheck
    text: BiometricAuthenticator.supported ? "Fingerprint supported" : "Fingerprint not supported"
}

Text {
    id: activeCheck
    text: BiometricAuthenticator.activated ? "Fingerprint activated" : "Fingerprint not activated"
    anchors.top: supportCheck.bottom
}

Text {
    id: errormessage
    text: BiometricAuthenticator.errorMessage
    anchors.top: activeCheck.bottom
}

The BiometricAuthenticator component has an authenticate method that displays a native fingerprint authentication dialog box, and a message property that sets the authentication message on the dialog box. To use biometric authentication, you have to both set the message property and call the authenticate method, being aware that message has to be set before calling authenticate . The following code sample shows how to use the authenticate method, along with a specified message:

1
2
3
4
Component.onCompleted: {
    BiometricAuthenticator.message = "Authenticate to log into your account"
    BiometricAuthenticator.authenticate()
}

BiometricAuthenticator contains two signals to display the result of the authentication process. The accepted signal is emitted when the authentication is successful, while the rejected signal is emitted, with explanation, when the authentication has failed due to an error or cancellation. The following code sample uses these signals to return the results of a scan, with each possible failure condition being given a short user-readable string:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Text {
    id: status
    anchors.top: errormessage.bottom
}

Connections {
    target: BiometricAuthenticator

    onAccepted: {
        status.text = "Success"
    }
    onRejected: {
        status.text = constructMessage(reason)
    }
}

function constructMessage(reason)
{
    var result = "";
    switch (reason)
    {
    case 1:
        result = qsTr("Cancelled By User");
        break;
    case 2:
        result = qsTr("Invalid Credentials");
        break;
    case 3:
        result = qsTr("Not Configured");
        break;
    case 4:
        result = qsTr("User Fallback");
        break;
    case 5:
        result = qsTr("Permission Denied");
        break;
    case 6:
        result = qsTr("Biometric Not Supported");
        break;
    case 7:
        result = qsTr("Bad Capture");
        break;
    case 8:
        result = qsTr("Platform Not Supported");
        break;
    default:
        result = qsTr("Unknown");
    }
    return result;
}