Password from associated website not retrieved in app via Smart Lock API
After submitting the data to associate your app and https website, and receiving confirmation that the association is live, here are some things to check:
- if you've just saved a new credential, wait a couple minutes for synchronization between Chrome and Android and across devices
- try a real device (Android 4+) and not an emulator, ensure that the device is running the latest version of Google Play Services (8+) and has an active internet connection
- ensure that you are signed in to Chrome with the same account as your Android device, and that the account is in good state (doesn't require password re-entry and meets any corp policy requirements, e.g. is in sync and receives push email notifications, for example)
- if the association just went live recently and you were testing the API integration in the app on your device before it was enabled, visit passwords.google.com and delete any existing entries for your website / app to force removal of any cached data
- visit your website in Chrome, sign in as normal and save your password when prompted, confirm that the password was saved and appears in chrome://settings/passwords and passwords.google.com under the https domain specified in your association (fully visible if you mouse over the domain shown in the UI)
call the API on Android using an apk with package name matching your submission and signed with the same keystore as your Play Store app, keep in mind that the debug keystore may be different if you are in a development environment with non-release keys or you move to another computer.
note that if there are multiple credentials available, the API callback may not immediately be success as you might need to handle multiple stored credentials and invoke UI to allow the user to select a credential
Note that if you save a credential in the app, Chrome will offer to auto-fill in web forms on associated https websites after the association has been live for about 24 hours (and the credential will also be available via the Chrome Credentials API). If you're looking for a complete guide to testing a Smart Lock integration, check out this post.
How to show Google's user and password saver message for future autofill logins in my app?
Well, after an entire day of research i found the problem.
In the XML you have to set the inputType to the correct way. I already had that.
android:inputType="textPassword" --> For passowrd
android:inputType="textEmailAddress" --> for mail
And then, when you do the succesfull login you MUST to do finish() so in the background android do the magic and ask you to save the data in your google passwords or samsung pass or whatever.
SmartLock disableAutoSignIn() stopped working returning 403
Sorry, this a bug on the Google side, a fix just rolled out, let us know if you still have trouble.
Testing Smart Lock for Passwords app integration
Here’s a guide to test Smart Lock for Passwords functionality in an app. If you have a website, associate your app and site to test those cases. Also check out the developer integration guide.
Check what's saved for the current Google Account at passwords.google.com. Entries are shown under the website domain or Android package/app name, delete any entries to start over.
Auto sign-in when app starts and a single saved entry exists. This is the recommended UX pattern to seamlessly transition between devices and help users complete transactions and pick up their experience where they left off last time. Sign-In UI should be disabled or hidden until the API call is complete, and do not call the API if you already have a signed-in user.
Sign-up with a password in the app, check for a hints dialog to help fill the sign-up form fields such as name and email, and check for a save prompt, select "Save password".
Auto sign-in after reinstalling app (or clearing app data). Show prompt for multiple credentials if something was already saved or auto sign-in is disabled.
Regular sign-in after deleting any saved passwords at passwords.google.com, save the existing account credentials when prompted.
Sign-out and app should call
disableAutoSignIn
. When user returns to the sign-in activity / UI, call the API and to help sign back in or switch between accounts easily (app should resolve an intent to show a picker dialog), without automatically signing the user back in.Password update in the app should save the change (app should just call
save API), but UI won't be needed for password updates). Check passwords.google.com for the updated password.Multiple accounts after sign-up for a different second account on the web, reinstall app and see if both saved entries are offered for sign-in via a picker dialog.
Wrong stored password: You can save a wrong password in Chrome by running the following in the console on your login domain:
navigator.credentials.store(new PasswordCredential({id: 'user@example.com', password: 'wrongpassword'}))
. Then test retrieving this in the app, which could either prompt user to correct the password and save the new one, or delete an invalid credential so user doesn't get stuck in this state.Web auto-fill when visiting the https website in Chrome, check that passwords saved on Android are available to fill in the website password field (they should also should show in chrome://settings/passwords).
IDP sign-in after deleting saved password entries, sign in/up to the app with Facebook etc, and may prompt to "Save account". Reinstall to see auto sign-in UX (i.e., the app may automatically "click" the appropriate button for the user or customize their sign-in screen to the returning user). The same for Google Sign-In, but no save prompt is shown, will save automatically to the appropriate Google account, see example use of
silentSignIn
.
Keep in mind that if you tap the "Never" button on a save dialog, it will add the app to the Never save list in Settings > Google > Smart Lock for Passwords for all accounts on the device and the save prompt will not be shown again (API error message "The current app is blacklisted"). You will need to remove the app from the Never save list for all accounts on the device to see the save prompt again.
Also note that Android credentials are affiliated to the signature and package of the app in which they were saved, in case you sign your app with multiple debug or release keystores during development.
Related Topics
Android: Running a Background Task Using Alarmmanager
Libz.So.1: Cannot Open Shared Object File
How to Use Dimens.Xml in Android
How to Change the Background of an Android Tab Widget
How to Send Notification to Specific Users with Fcm
Android: How to Get a List of All Available Intent Filters
Display Data After Every 10 Seconds in Android
Error Inflating Class Androidx.Constraintlayout.Constraintlayout After Migration to Androidx
How to Have a Viewpager Inside of a Scrollview
How to Open the Options Menu Programmatically
How to Handle the Firebase Notification When App Is in Foreground
Android Kitkat 4.4 Hangouts Cannot Handle Sending Sms Intent
Android: Launch Activity from Clickable Text
How to Get Each Device's Ip Address in Wi-Fi Direct Scenario