Skip to main content
Version: Next

Establishing delegated authentication

Use delegated authentication when your app manages its own user accounts and you want to connect that identity to Vipaso. Access these APIs through Vipaso.user.delegated.

establishAuthentication takes two parameters:

  • userIdentifier: String — a string that uniquely identifies the user in your system.
  • connect: suspend (jwk: String) -> String — a suspend callback that receives a JWK (JSON Web Key) string from the SDK and must return a string produced by your backend.

Inside the connect callback:

  • Send the provided JWK string to an endpoint on your backend.
  • Your backend should process the JWK and return an encrypted token (init token JWE).
  • Return that token from the callback.

After a successful call, the authentication state will transition to authenticated. You can observe this via Vipaso.user.delegated.isAuthenticated() to update your UI appropriately.

1) Establish authentication

Call this after your user logs in through your own authentication system. Provide a unique userIdentifier and implement connect to exchange the JWK with your backend and return the resulting token.

suspend fun establishDelegatedAuth(userId: String) {
    try {
        Vipaso.user.delegated.establishAuthentication(
            userIdentifier = userId,
            connect = { jwk ->
                // 1) Send the JWK to your backend endpoint
                // 2) Your backend processes the JWK and returns an encrypted token (init token JWE)
                // 3) Return that token here
                yourBackendService.processJwk(jwk)
            }
        )
        // Success: user can now access Vipaso features
    } catch (e: Throwable) {
        // Handle authentication error
    }
}

2) Observe authentication state

Collect the authentication state to update your UI accordingly. A successful call to establishAuthentication results in authenticated = true.

Vipaso.user.delegated.isAuthenticated()
    .collect { authenticated ->
        if (authenticated) {
            // Show main app content
        } else {
            // User is not logged in; call establishAuthentication when appropriate
        }
    }

3) Logout

Invalidate the current delegated session and reset auth state.

Vipaso.user.delegated.logout()