I\'m implementing Google Smart Lock into my app. I\'ve got it logging the user in automatically with a single account and it works well.
However, once I add a second
When you have multiple account, you will always show this resolution dialog. Look this :
from : https://developers.google.com/identity/smartlock-passwords/android/overview
I work on the Smart Lock team at Google, hopefully this answers your question:
as you note, if the CredentialsApi.request()
API method is called and there are multiple saved accounts for the app, stored in either one or multiple Google Accounts on the device (or auto sign-in has been disabled by the user for one of their accounts or by the developer by calling CredentialsApi.disableAutoSignIn()
) then the API will call back with a CredentialRequestResult
with getStatusCode()
of RESOLUTION_REQUIRED
, meaning that UI must be shown for the user to pick a credential to continue. startResolutionForResult()
will show the dialog, as described in the API overview.
once the app has a credential, either from auto sign-in or after the user has selected one from the dialog, most apps will use this credential to sign the user in to a backend service and establish a session with a cookie or token for the app and manage this independent of the Smart Lock API. Thus, most apps won't call the API again after the user has signed in and a current session exists, hence the dialog won't be shown again after the initial sign-in.
when the user signs out, calling CredentialsApi.disableAutoSignIn()
will prevent the user from being automatically signed back in when the authentication activity is started again, and the disabled state is automatically managed and cleared when the user selects an entry from the credential picker UI or a successful CredentialsApi.save()
call is made, and at this point, a user session is established and there is no need to call the API again until a sign-out event.
I think the confusion in this question stems from calling the API after the user has signed in and they might already have an active session. Was that your intent? If you need to manage credentials of the app on the device after a password has been retrieved or input by the user, you can use the Account Manager on Android, which is independent of any Google accounts or APIs (whereas Smart Lock is geared toward saving sign-in info in the cloud for use across platforms on new or separate devices to bootstrap the auth process).
In the future, we are considering remembering a user preference if multiple accounts are stored and the same one is always picked, thereby allowing automatic sign-in, but right now, user action is always required when there are multiple saved accounts available.
Do leave a comment with any questions or feedback if you need more info or clarification or if this doesn't answer your question!