API key rotation
The API keys that are used for SDK initialization may be rotated for security reasons. Please use the Incode dashboard to revoke keys and generate new ones.
Once an API key is revoked from the dashboard, all currently ongoing onboarding sessions that were using that API key will be aborted and the onError(Throwable) method on the IncodeWelcome.OnboardingListener() will get called.
This is the place where you should handle replacing the API key.
- Java
- Kotlin
@Override
public void onError(Throwable error) {
if (error instanceof ApiKeyRotationException) {
// Your logic for the rotation of the key
}
}
override fun onError(error: Throwable?) {
if (error is ApiKeyRotationException) {
// Your logic for the rotation of the key
}
}
When a new API key has been obtained, the SDK should be reinitialized using IncodeWelcome.Builder(Application, String, String):
- Java
- Kotlin
new IncodeWelcome.Builder(getApplication(), apiUrl, apiKeyRotatedIn)
... // optional configuration
.build();
// SDK has been reinitialized successfully
IncodeWelcome.Builder(application, apiUrl, apiKeyRotatedIn)
... // optional configuration
.build()
// SDK has been reinitialized successfully
Once the SDK has been reinitialized successfully, the old session can be restarted, or you can start a completely new onboarding session.