SDK authentication involves the generation of authentication token with custom attributes. You can use this token to authenticate the Fusion API calls. To begin with the Cipher SDK integration, you are required to go through an authentication process. This process involves a pre-exchange of asymmetric keys between the SDK framework and your servers. A private key is responsible token on both Android and iOS platforms.  The token generation process involves generating and configuring the key-pair. The private key of the key-pair is responsible for signing the authentication token. The private key along with token generation logic is shared with you through email.

Before you begin

At Zeta, a remote maven repository accessible by https:// protocol is set up. This holds all the build artifacts and dependencies required in the SDK integration.  

About Maven repository

In general, a Maven repository holds build artifacts and dependencies of varying types. The maven repositories are of two types such as local and remote.

• The local repository is a directory on the computer where Maven runs.
• A remote repository is accessible externally by using a variety of protocols such as file:// and https://.

Local and remote repositories are structured the same way so that scripts can run on either side, or they can be synced for offline use. However, the layout of the repositories is completely transparent to any Maven user.

Before you begin

Take care of the following prerequisites before you move to SDK authentication process,

:

1. Add the following Maven repository  URLs URLs in the POM file of the your project.

   maven{url 'https://apollo-maven.corp.zeta.in

   Code Block
   theme Midnight title Maven repositories	linenumbers true
   <project> ... <repositories> <repository> <id>apollo-maven</id> <name>Apollo maven</name> <url>http://172.16.64.117:8081/nexus/content/repositories/releases/'} maven{url 'https://apollo-maven.corp.zeta.in</url> <username>my_login</username> <password>my_password</password> </repository> <repository> <id>apollo-maven-snapshots</id> <name>Apollo maven snapshot</name> <url>http://172.16.64.117:8081/nexus/content/repositories/snapshots/'}

   Add the following dependencies 

   </url> <username>my_login</username> <password>my_password</password> </repository> </repositories> ... </project>

   Note
   Use the same credentials, as shared for the Android SDK’s Maven repository, to access the Maven repository.

2. Add the following dependenciesin your project.

   Code Block
   theme Midnight title Dependencies linenumbers true
   <groupId>in.zeta.apollo</groupId> <artifactId>tenant-commons</artifactId> <version>1.1</version>

About Maven Repository

In general, a Maven Repository holds build artifacts and dependencies of varying types. The maven repositories are of two types such as local and remote. 

• The local repository is a directory on the computer where Maven runs. 
• A remote repository is accessible externally by using a variety of protocols such as file:// and https://.

Local and remote repositories are structured the same way so that scripts can run on either side, or they can be synced for offline use. However, the layout of the repositories is completely transparent to any Maven user.

1. The private key along with token generation logic is shared with you through email.

How to generate an authentication token?

The SDK authentication process involves generation of tenantAuthToken with a configurable set of claims authentication token. This token token must be generated on the server-side as it involves signing the data with a private key. The private key authentication token must never be compromised. be generated and passed on to the SDK during runtime.

String jwtToken = AsymmetricJwtTokenGenerator.generateJWT(
				  <<issuerId>>,
                  <<base64EncodedPrivateKey>>,
                  <<algorithm>>,
                  <<claims>>,
                  <<expiryEpochTimeInMilliseconds>>);

Parameter description

• issuerID:  Unique identifier of the issuer. An issuer can be a company or a business domain. For example, Zeta.
• base64EncodedPrivatekey:  A private key associated with the SDK. It is of the key-pair generated during SDK authentication process. It is responsible for signing the data for the tenantAuthToken generationthe authentication token generation.
  
• algorithm:  Algorithm used for key-pair generation. Currently, the key-pair used for signature is ECC urrently, we support EC algorithm.
  
• expiryEpochTimeInMilliseconds:   Expiration Expiration time of the token. This time is mentioned as an epoch time in milliseconds. 
  

• claims: An element to support the dynamic string substitution featureClaims are statements based on declarations made by the

  Span
  id tenant class tooltip
  tenant

  in authentication token. You can add the claims in in the SDK integration with Object type  Object type Map<String, Object>. 

  Tooltip
  id tenant text A tenant is a fintech or organization onboarded with Zeta. direction SW

  Code Block
  theme Midnight title Sample Map for claims linenumbers true
  { 'tenantUniqueVectorId': '<unique identifier for the app user>' }

  
  tenantUniqueVectorId: ID Unique identifier of the the tenantUniqueVector generated by the tenant. This is the same ID that was earlier verified by the Zeta system during the registration.  This ID and the signature are verified during generation of authentication token.