Go>Sign Android SDK Integration
The “Go>Sign Mobile Android Integration” page is intended for developers who are interested in writing Android applications that use the capabilities offered by the Go>Sign Android SDK. It is assumed that the reader has a basic knowledge of Android and JSON.
Overview
The Go>Sign Mobile SDK empowers Android applications to perform authorised remote signing using an authorisation key stored in a user’s mobile device hardware/software. The authorisation key is protected using a configured authentication method such as fingerprint or device passcode. The SDK adds additional security factors via OTPs (Email and SMS) during mobile device registration with the ADSS Server Signature Activation Module (SAM) Service through RAS.
In addition, the Go>Sign Mobile SDK enables users to view what is being authorised. At the time of authorisation, the authorisation key is unlocked using the same authentication method captured during registration.
The Go>Sign Mobile SDK communicates with ADSS RAS to view and sign pending authorisation requests as part of the overall Remote Authorised Signing solution.
As shown in the image, Go>Sign Mobile SDK communicates with ADSS RAS to view & sign the pending authorisation.
Authentication methods
Go>Sign mobile SDK sends a request to RAS to authenticate a user, the RAS Service checks the RAS Profile settings to see which type of authentication scheme to use for user authentication. RAS profile settings now providing the OTP Authentication or No Authentication or QR Code Authentication settings in RAS Profile and if its selected, the RAS Service informs the Go>Sign mobile SDK the user will be authenticated using the OTP(s) that he will receive on mobile number or email then it verify and returns access token, if no authentication then it directly returns token and if QR code selected then Go>Sign mobile SDK will launch the mobile’s camera to scan the QR Code and ask the user to login to its Web RA account to get the QR Code and Go>Sign mobile SDK hit verification call to verify if it verified then it returns tokens. The following options can be selected from the RAS Profile:
OTP Authentication
Both (SMS and Email)
Only SMS
Only Email
QR Code
No Authentication
OTP authentication
SMS and Email
Authentication from Go>Sign Mobile SDK user needs to provide their both OTPs SMS and Email, if OTP Authentication is selected with both Email and Mobile options are selected in RAS Profile.
RAS profile GUI:
Go>Sign Mobile SDK present OTP dialogue on which the user needs to enter their OTPs, which they received on the mentioned Email and Mobile number.
OTP dialogue for SMS and Email
The user will provide these OTPs, and the Go>Sign Mobile SDK will verify these OTPs when the user taps on the Verify button. If successful, access and refresh tokens are returned and land on the device registration process.
SMS
If only SMS is selected in the OTP from the RAS profile.
RAS profile GUI:
OTP sent to mobile, and Go>Sign Mobile SDK presents OTP dialogue with OTP text field.
OTP dialogue for SMS (Android)
The user will provide SMS OTP, and the SDK will verify SMS OTP when the user taps on the Verify button. If successful, access and refresh tokens are returned and land on the device registration process.
Email
If only Email is selected in OTP from the RAS profile.
RAS profile GUI:
OTP sent to email, and Go>Sign Mobile SDK presents OTP dialogue with email text field.
OTP dialogue for Email (Android)
The user enters the Email OTP, and the Go>Sign Mobile SDK verifies it when the user taps "Verify". Upon successful verification, access and refresh tokens are issued, and the process proceeds to device registration.
QR code
QR Code Authentication option added in RAS Profile to authenticate the user using a QR code. Now, when Go>Sign Mobile SDK sends a request to RAS to authenticate the user, the Go>Sign Mobile SDK will launch the mobile’s camera to scan the QR Code and ask the user to log in to its Web RA account to get the QR Code.
RAS profile GUI
QR Code dialogue (Android)
No authentication
If "No Authentication" is selected under User Authentication Settings for the Go>Sign Mobile SDK in the RAS Profile.
RAS profile GUI
The Go>Sign Mobile SDK sends an enrollment request to verify the selected authentication method. If no authentication method is configured, the user is directed straight to the device registration process to register their device.
Device registration
The Go>Sign Mobile SDK will display the following screens during the device registration process:
The following screen will be presented when authorisation is required:
Go>Sign Mobile SDK benefits
The key features of Go>Sign Mobile SDK:
Device registration
Authorised Remote Signing features
View pending authorisation request
Sign pending authorisation request
Cancel/Decline pending authorisation request
Branding of the pending authorisation screen
Localisation with RTL (Right to Left) support
Device de-registration
Integration prerequisites
ADSS Server prerequisites
Go>Sign Mobile SDK communicates with the ADSS Server RAS Service using OAuth. Several parameters (User ID, Client ID, Client Secret, RAS Service URL, etc.) are required in Go>Sign Mobile SDK when integrating to view and sign a pending authorisation.
User must be registered in the SAM Service. For more information, click here. Client ID, which acts as a mobile application (integrating Go>Sign Mobile SDK) for the ADSS Server, must be registered and configured to use the RAS Service. For more information, click here.
Go>Sign Mobile SDK prerequisites
To integrate the Go>Sign Mobile SDK, the Android Application should have the following requirements:
Select API 24 or higher and create your own project. The Go>Sign Mobile SDK supports Minimum SDK API 24
Add Go>Sign Mobile SDK to an Android application project
Add the SDK file
Rename your SDK file to gosign-mobile-sdk.aar
Place the file in the following directory structure:
android/
Add GoSign SDK to your app:
Include module: Add this line to your android/settings.gradle.kts:
Add required dependencies
Add the ProGuard rules to your android/app/proguard-rules.pro file
Create an application class
Register the application class and permissions
Theme
Change the default theme of your App to your desired theme with NO_ACTION_BAR in “styles.xml” file.
Integrating Go>Sign Mobile SDK into an Android Application Project
The Mobile App must import the following classes into its codebase:
import com.gosign.sdk.apis.Response
import com.gosign.sdk.managers.GoSignManager
Initialization
Go>Sign Mobile SDK comes up with a class “GoSignManager”. This class bridges between the Android application and Go>Sign Mobile SDK.
Parameter
Description
Activity
An instance of current activity.
User ID
Specifies the User ID which is already registered in the ADSS SAM Service.
Client ID
Specifies the Client ID registered in the ADSS Server. This is used to authenticate and identify the application integrating the Go>Sign Mobile SDK. For more information, see Client Manager.
Client Secret
Client Secret generated for a client registered in ADSS Server. For more information, see Advanced Settings.
Server URL
ADSS RAS Service URL e.g. https://:port/adss/service/ras
Device registration callback
The Go>Sign Mobile SDK provides a callback for Device Registration. When the device is registered successfully, then deviceRegistrationSucceeded(activity: Activity) is called. This activity is an instance of GoSign Activity, and you can use it according to your need & in case of some error, deviceRegistrationFailed() is called:
Authorisation request callback
The Go>Sign Mobile SDK provides a callback for Pending Request Authorisation. In order to use this in your application, override the onActivityResult method in your caller app Activity. Activity.RESULT_OK will be the result code when the request is authorised successfully and the Activity.RESULT_CANCELED is the result code when the request is not authorised or cancelled:
Deregister
De-register will remove the keys which are generated in the user’s mobile and log out the current session.
Deregister callback
Deregister Call back triggers call-back events for success and failure. These are the optional methods, and the business application can or cannot implement the CallBackListener in the business application controller.
Register device for push notifications (Optional)
To receive push notifications from the ADSS server, you need to register your device with the push notification service on the ADSS server.
GoSignManager provide methods to register your device for push notifications. There are several overloaded methods for this purpose, which are listed below:
Push notifications for Android level 33 or above (Optional)
To push notifications on Android level 33 or above, Runtime permission is required as per the Google developer guide. Add Runtime permission on the App side:
Classes
This section provides descriptions of the Go>Sign Mobile SDK classes and their respective methods.
GoSignManager
The GoSignManager Class is used to authenticate the user and returns the status to the Mobile application delegator.
GoSignManager Method
Purpose
getInstance()
This method returns an instance of the GoSignManager class to be initialised later.
openPendingAuthorization(activity, userID.getText().toString(), Constants.CLIENT_ID, Constants.CLIENT_SECRET,URL)
This method initialize the GoSignManager object with the provided values.
activity – Current activity
UerID – Unique identity of each registered user in the ADSS server
ClientID – Specify a unique ID of the client that will be used later for service requests to the ADSS Server
ClientSecret – Registered Client Secret for your app in ADSS
URL – URL, it will communicate with the ADSS server
deRegisterDevice(activity)
This method will log out the current session and also deregister a device.
GoSignManager.isDeviceAlreadyRegistered()
This method will return true if a device is already registered and false if not.
registerDeviceForPushNotification(activity, fcmToken)
This method will register your device with the ADSS push notification service.
setLevelOneColor(levelOneColor)
Specifies the level one colour of the Mobile SDK. Default colour is #232323.
setLevelTwoColor(levelTwoColor)
Specifies the level two colour of the Mobile SDK. Default colour is #55cf31.
setLevelThreeColor(levelThreeColor)
Specifies the level three colour of the Mobile SDK. Default colour is #e03500.
setLevelFourColor(levelFourColor)
Specifies the level four colour of the Mobile SDK. Default colour is #2bbc00.
setLevelFiveColor(levelFiveColor)
Specifies the level five colour of the Mobile SDK. Default colour is #ffffff.
setLevelSixColor(levelSixColor)
Specifies the level six colour of the Mobile SDK. Default colour is #797979.
setLevelSevenColor(levelSevenColor)
Specifies the level seven colour of the Mobile SDK. Default colour is #ffb600.
setLevelEightColor(levelEightColor)
Specifies the level eight colour of the Mobile SDK. Default colour is #f9da00.
setLevelNineColor(levelEightColor)
Specifies the level nine colour of the Mobile SDK. Default colour is #b3b3b3.
setLevelTenColor(levelTenColor)
Specifies the level ten colour of the Mobile SDK. Default colour is #2f2f2f.
setLevelElevenColor(levelTenColor)
Specifies the level ten colour of the Mobile SDK. Default colour is #007aff.
setLevelTwelveColor(levelTenColor)
Specifies the level ten color of the Mobile SDK. Default color is #ccf1c1.
setLevelThirteenColor(levelTenColor)
Specifies the level ten color of the Mobile SDK. Default color is #eda240.
setAuthorisationRequestTitle(title)
Sets the header title of the Remote Authorisation Screen
setDeviceRegistrationListener(DeviceRegistrationListener deviceRegistrationListener)
Sets the listener of device registration so that the user gets notified when device is successfully registered or registration is failed.
Localisation
The Go>Sign Mobile SDK supports localisation with Right-to-Left (RTL) language layouts. When the device language is set to Arabic, the Go>Sign SDK automatically adjusts its interface to follow the RTL orientation, as shown in the screenshot below.
Error codes
Error Code
Description
GOSIGN_OTP_DIALOG_ERROR
OTP is required (occurs when OTP authentication fails).
GOSIGN_REMOTE_SIGNING_ERROR_FINGER_PRINT_ENROLL_MSG
You need to enable fingerprint to access this functionality (biometric authentication is not configured on the device).
GOSIGN_REMOTE_SIGNING_ERROR_FINGER_PRINT_HARDWARE_MSG
This device cannot be used for authorising remote signatures because it lacks the required minimum-security features. (SAM configuration requires a biometric feature to protect a mobile authorisation key, but the device does not have biometric capability.)
GOSIGN_REMOTE_SIGNING_DIALOG_SECURITY_CHANGED
Your device cannot be used for authorising remote signatures because your device security settings have changed — you need to re-login to register this device. (This occurs when the authentication method changes after the device has been registered.)
Branding
The Go>Sign Mobile SDK allows developers to customise the look and feel of the remote authorisation screen. This can be achieved using the methods defined in the GoSign Manager class, as described in the previous chapter. The required colour must be provided in hexadecimal format, for example, setLevelColor(#FFFFFF).
Last updated
Was this helpful?