Stytch offers a comprehensive mobile authentication solution that simplifies integration with its API using our mobile SDKs. As the only authentication provider with a complete set of APIs, Stytch enables the creation of custom end-to-end authentication flows tailored to your mobile tech stack. With two integration options, Stytch
and StytchUI
, Stytch's SDKs allow you to craft an authentication experience that flexibility integrates into your app. Stytch
offers a fully customizable headless API integration to suit your specific needs, while StytchUI
provides a configurable view to expedite the integration process.
Note: Currently StytchUI
only supports our consumer client, B2B UI coming soon!
If you are completely new to Stytch, prior to using the SDK you will first need to visit Stytch's homepage, sign up, and create a new project in the dashboard. You'll then need to adjust your SDK configuration — adding your app's application id to Authorized applications
and enabling any Auth methods
you wish to use.
The Stytch Android SDK is distributed via Maven Central. To add the Stytch SDK, first ensure that you have added mavenCentral()
to your projects build.gradle(.kts)
:
allprojects {
...
repositories {
...
mavenCentral()
}
}
Then, add the Stytch SDK artifact to your application's dependencies:
dependencies {
...
implementation("com.stytch.sdk:sdk:latest.release")
...
}
Lastly, you must modify your applications build.gradle(.kts) to supply three manifestPlaceholders
; two of them are for enabling OAuth deeplinks, and one is for enabling our UI SDK. If you are not using either, you still need to supply these placeholders, but they can be blank. The OAuth manifest placeholder values can be any valid scheme or host, and do not relate to your OAuth settings in the Stytch Dashboard. These are only used internally within your app to register an OAuth receiver activity. More information is available in our OAuth tutorial. The STYTCH_PUBLIC_TOKEN is your public token, which you can get from your project dashboard
android {
...
defaultConfig {
...
manifestPlaceholders = [
'stytchOAuthRedirectScheme': '[YOUR_AUTH_SCHEME]', // eg: 'app'
'stytchOAuthRedirectHost': '[YOUR_AUTH_HOST]', // eg: 'myhost'
'STYTCH_PUBLIC_TOKEN': '[STYTCH_PUBLIC_TOKEN]',
]
...
}
}
Before using any part of the Stytch SDK, you must call configure to set the application context and public token as specified in your project dashboard.
If configuring from an Application Class:
import com.stytch.sdk.consumer.StytchClient
class App : Application() {
override fun onCreate() {
super.onCreate()
...
StytchClient.configure(
context = this,
publicToken = [STYTCH_PUBLIC_TOKEN],
)
...
}
}
If configuring from an activity:
import com.stytch.sdk.consumer.StytchClient
class MainActivity : FragmentActivity() {
override fun onCreate() {
super.onCreate()
...
StytchClient.configure(
context = applicationContext,
publicToken = [STYTCH_PUBLIC_TOKEN],
)
...
}
}
Stytch exposes clients for both Consumer and B2B, so make sure to use the one that corresponds with your project configuration. For the sake of this example we will be using the consumer one: StytchClient.
import com.stytch.sdk.consumer.StytchClient
class MyViewModel : ViewModel() {
// we'll be saving a method ID for later authentication
private var methodId: String? = null
// Send a OTP (one time passcode) via SMS
fun sendSmsOtp(phoneNumber: String) {
viewModelScope.launch {
val response = StytchClient.otps.sms.loginOrCreate(
OTP.SmsOTP.Parameters(
phoneNumber = phoneNumber,
),
)
when (response) {
is StytchResult.Success -> {
// save the methodId for the subsequent authenticate call
methodId = response.value.methodId
}
is StytchResult.Error -> {
// something went wrong
}
}
}
}
// Authenticate a user using the OTP sent via SMS
fun authenticateSmsOtp(code: String) {
viewModelScope.launch {
val response = StytchClient.otps.authenticate(
OTP.AuthParameters(
token = code,
methodId = methodId
),
)
when (response) {
is StytchResult.Success -> {
// the user has been authenticated
}
is StytchResult.Error -> {
// something went wrong
}
}
}
}
}
While the Stytch Android SDK makes heavy use of Coroutines under the hood, every suspend function has a callback-compatible version for developers that are not using Coroutines. An example of the above authenticateSmsOtp
method with callbacks might look like this:
fun authenticateSmsOtp(code: String) {
val params = OTP.AuthParameters(
token = code,
methodId = methodId
)
StytchClient.otps.authenticate(params) { response ->
when (response) {
is StytchResult.Success -> {
// the user has been authenticated
}
is StytchResult.Error -> {
// something went wrong
}
}
}
}
For further information and tutorials on some of our more common implementations, see the following:
Full reference documentation is available for Stytch and StytchUI.
Join the discussion, ask questions, and suggest new features in our Slack community!
Check out the Stytch Forum or email us at support@stytch.com.
The Stytch Android SDK is released under the MIT license. See LICENSE for details.