Authentication
Before you begin
Before you can authenticate and run the SDK you will need to setup your authentication server. To arrange access to our SDK repositories and authentication please contact your Account Manager.
Overview
In order to perform user-specific tasks (such as retrieving or submitting documents for processing), the Sensibill SDK requires a valid User Access Token it can use for communication with the Sensibill API.
In an SDK integration, the host app will implement the logic of retrieving and refreshing the token from the (integrator created) “Integration Server”, and be responsible for providing this token to the Sensibill SDK on-demand via the TokenProvider interface. For more information about Integration Server, see the Sensibill API Authentication
page.
The SDK will request a token from the TokenProvider when:
- The SDK is starting
- The previous token has expired
- The previous token is invalid
The Android and iOS SDKs will request user access tokens using the TokenProvider that was passed to the SDK during initialization. The SDK will call an asynchronous function TokenProvider.provideTokenReplacement() when a new token is required. The TokenProvider should be designed to retrieve a new token on demand, when the provideTokenReplacement() function is called. It doesn’t need to cache the token, or ensure token validity at all times. See a language-specific section below for more information on how a TokenProvider should be implemented.
Important
- The token provided is used for communication with the Sensibill API and will be used to access a user-specific data.
- Each token is tied to a particular user, therefore it is important to ensure the token provided is always for the intended user.
- Reusing tokens across users will result in information for the wrong user being displayed in your integration.
- Avoid caching tokens inside your
TokenProviderimplementation. The SDK already caches provided tokens and will only request a new token if the cached token is no longer valid.