ForgeRock SDKs

Step 2. Configure connection strings

In this step, you provide your application with the settings it needs to connect to your ForgeRock Identity Cloud or AM instance.

For example, which authentication tree to use and the realm it is a part of.

For this quick start guide, you must provide at least the following properties:

Property Description

forgerock_oauth_client_id

The client_id of the OAuth 2.0 client profile to use.

forgerock_oauth_redirect_uri

The redirect_uri as configured in the OAuth 2.0 client profile.

This value must match a value configured in your OAuth 2.0 client, but is not actually used by the Android application.

forgerock_oauth_scope

A list of scopes to request when performing an OAuth 2.0 authorization flow.

forgerock_url

The URL of the ForgeRock Identity Cloud or AM instance.

For example, https://android-quick-start.forgeblocks.com/am

If you are not using ForgeRock Identity Cloud, specify the port and deployment path.

For example, https://openam.example.com:8443/openam.

forgerock_realm

The realm in which the OAuth 2.0 client profile is configured.

For example, alpha

If you are not using ForgeRock Identity Cloud, specify the default AM the top-level realm; root.

forgerock_auth_service

The name of the journey to use for authentication.

For example, sdkAuthenticationTree

forgerock_cookie_name

The name of the cookie that contains the SSO token. To obtain the name of the cookie in the ForgeRock Identity Cloud:

  1. Click your user in the top-right corner and select Tenant settings.

  2. On the Global Settings tab, copy the value of the Cookie property.

The value is a random string of characters, such as 29cd7a346b42b42.

If you are not using ForgeRock Identity Cloud, the cookie name is usually iPlanetDirectoryPro.

Show additional configuration properties
Property Description

forgerock_oauth_threshold

A threshold, in seconds, to refresh an OAuth 2.0 token before the access_token expires (defaults to 30 seconds).

forgerock_timeout

A timeout, in seconds, for each request that communicates with AM.

forgerock

The name of the account provider displayed by Android when using single sign-on. For example, "ForgeRock Tutorial App".

forgerock_account_name

The name of the user account displayed by Android when using single sign-on. For example, "Demo User".

Add required connection settings to your app

  1. In the Project tree view of your Android Studio project, navigate to app  res  values, and then open the strings.xml file.

  2. Inside the <resources> element, add the following elements, adjusting the values for your deployment:

    <!-- OAuth 2.0 client details -->
    <string name="forgerock_oauth_client_id" translatable="false">ForgeRockSDKClient</string>
    <string name="forgerock_oauth_redirect_uri" translatable="false">https://sdkapp.example.com:8443/callback</string>
    <string name="forgerock_oauth_scope" translatable="false">openid profile email address phone</string>
    
    <!-- ForgeRock Identity Cloud details -->
    <string name="forgerock_url" translatable="false">https://android-quick-start.forgeblocks.com/am</string>
    <string name="forgerock_cookie_name" translatable="false">29cd7a346b42b42</string>
    <string name="forgerock_realm" translatable="false">alpha</string>
    
    <!-- Journey details -->
    <string name="forgerock_auth_service" translatable="false">sdkAuthenticationTree</string>

Check point

You have now configured your application with the settings it needs to connect to your ForgeRock Identity Cloud or AM instance.

In the next step, you add debug logging and initialize the SDK.

Copyright © 2010-2023 ForgeRock, all rights reserved.