Overview
This guide discusses the APIs provided by Identity Guardian, which uses a content provider interface to securely retrieve and share data between applications. The content provider URI is composed of four distinct parts: <Scheme:>//<Authority>/<API>/<Data>
- Scheme - Identifies the URI accessing a content source, typically represented as:
content://. - Authority - The name of the provider authority, usually in the forma
packagename.provider. - API - The path that differentiates the content data.
- Data - The key that points to specific data in the path.
Example of content provider URI: content://com.zebra.mdna.els.provider/<API>/<data>
Replace <API> and <data> with the appropriate string for specific use cases.
APIs
Current APIs
| API Name | Description | Usage Context |
|---|---|---|
| Register for Notifications | Enables applications to receive notifications of user changes. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
| Get Current User Session | Retrieves information about the current user session. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
| Get Previous User Session | Retrieves information about the previous user session. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
| Set Current User Session | Notifies Identity Guardian of user sign-in/sign-out events when third-party apps are used to block the device screen instead of Identity Guardian. This is applicable when Proxy Mode is enabled. | Applicable for organizations using custom blocking screen apps for device access, aiming to track user activity across Zebra apps. |
| Start Authentication | Activates Identity Guardian’s user authentication screen to confirm user credentials for device access. | Used when Identity Guardian is employed for application-level authentication instead of device-level. |
| Get Authentication Status | Retrieves information about the Identity Guardian lock screen state. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
| Lock Screen Message | Displays a message on the Identity Guardian lock screen to notify users of important information. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
| Logout User | Enables applications to terminate the current user session and lock the screen. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
Legacy APIs
| API Name | Description | Usage Context |
|---|---|---|
| Get Current User Session (Legacy) | Retrieves information about the current user session. | Applicable when Identity Guardian is used for user authentication at either the device or application level. |
Requirements
Modify AndroidManifest.xml: In your application's AndroidManifest.xml, include the necessary permission and the
<queries>tag to specify the Identity Guardian package name:<uses-permission android:name="com.zebra.mdna.els.permission.PROVIDER" /> <queries> <package android:name="com.zebra.mdna.els" /> </queries>Allowlist Your App: For security, your app must be on Identity Guardian's allowlist using AccessMgr CSP from Zebra Device Manager (ZDM). Create a profile via StageNow to configure your app's allowlist. Set the following parameters:
- Operation Mode: "Single User without Whitelist"
- Service Access Action: "Allow Caller to Call Service"
- Service Identifier: <delegation scope of the API category>
- Specify Caller Package Name: <enter app package name, e.g.: com.company.appname>
- Caller Signature: <select signature file that contains the app certificate>
For information on generating a signature file, see Caller Signature in the Access Mgr CSP documentation. After creating the StageNow profile, use StageNow to scan the generated barcode or deploy the XML file via Enterprise Mobility Management (EMM) software.
Add APIs to Your App's Allowlist: Identity Guardian APIs must be added to your application's allowlist.
Prerequisites:
- Download SigTools.jar. This is used to generate the certificate to create a signature file for security purposes.
- Place your .APK app and SigTools.jar in the same folder on your host computer.
- Download StageNow. This is used to create the profile to allowlist the APIs.
Procedure:
To allowlist Identity Guardian APIs in your app using StageNow:
From the command line, navigate to the directory containing your .APK and "SigTools.jar.".
Generate the certificate by executing the following command, replacing "LOB_app.apk" with your .APK file's name:
java -jar SigTools.jar getcert -inform apk -outform der -in LOB_app.apk -outfile app.crtFrom your host system, open StageNow and click on Create New Profile.
Select the MX version that matches or exceeds the one on your device. Refer to the MX documentation for guidance on how to determine the version.
Select Expert Mode and click Create.
Enter a profile name and click Start.
Click the plus (+) sign next to AccessMgr. This adds AccessMgr to the Config tab on the right side. Click Add.
Enter/select the following for AccessMgr:
- Service Access Action: Allow Caller to Call Service
- Service Identifier: [Enter the API URI, see step 11. For example:
content://com.zebra.mdna.els.provider/lockscreenaction/startauthentication] - Caller Package Name: [Enter the package name for your .APK app file.]
- Caller Signature: [Browse to the .CRT certificate generated from step 2 above.]
Click Continue.
Click Complete Profiles.
Repeat steps 3 to 10 for each API to allowlist in your app, replacing Service Identifier with the desired API URI:
- content://com.zebra.mdna.els.provider/lockscreenaction/startauthentication (Start Authentication)
- content://com.zebra.mdna.els.provider/previoussession (Previous User Session)
- content://com.zebra.mdna.els.provider/currentsession (Current User Session)
- content://com.zebra.mdna.els.provider/lockscreenaction/authenticationstatus (Authentication Status)
- content://com.zebra.mdna.els.provider/lockscreenaction/logout (Logout)
After creating the StageNow profiles, use one of the following methods based on the desired tool for device deployment:
- StageNow: Generate the barcode from the StageNow profile. Open StageNow client on the device and scan the barcode(s) generated from the installation, configuration and/or BLE profile.
- EMM: Export each StageNow XML file from the StageNow installation, connection and BLE profiles. Do not edit the XML file - it can cause unexpected behavior. Send the XML using either OEMConfig or MX to configure the app and grant all required permissions. The installation profile and server connectivity profile XML files must be used separately.
Register for Notifications
Description: Register to receive notifications about the locked/unlocked status of Identity Guardian during user sign in/out events. This API should be registered in the onCreate() method and unregistered in the onDestroy() method.
Content URI: content://com.zebra.mdna.els.provider/lockscreenstatus/state
Response: Returns a JSON string indicating the device's lock status:
- HIDDEN - Indicates that the device is unlocked and a user is currently logged in.
- SHOWN - indicates that the device is locked and no user is logged in.
Sample Code
Uri URI_CURRENT_LOCKSCREEN_STATE = Uri.parse("content://com.zebra.mdna.els.provider/lockscreenstatus/state");
cr.registerContentObserver(URI_CURRENT_LOCKSCREEN_STATE, false, contentObserverLockScreenState);
contentObserverLockScreenState = new ContentObserver(new Handler(getMainLooper())) {
@Override
public void onChange(boolean selfChange, Uri uri) {
super.onChange(selfChange, uri);
Log.d(TAG, "content has changed, uri = " + uri);
new Thread(new Runnable() {
@Override
public void run() {
getCurrentLockScreenStateOfDevice();
}
}).start();
}
};
Sample Response
{
state: “SHOWN”,
lastchangedtimestamp:”MM:DD:YY HH:MM:SS”
}
Get User Session
Retrieve session data associated with the current or previous user. When the device is in a locked state, these APIs are functional if the lock state is activated by specific device system events, not by an application triggering the lock state. The lock screen can be activated by the following device system events, based on Authentication Configuration:
- Unlocking the device (OnUnlock)
- Rebooting the device (OnReboot)
- Connecting the device to AC power (OnACPowerConnected)
- Disconnecting the device from AC power (OnACPowerDisconnected)
An application can activate the lock screen by invoking Start Authentication.
Get Current User Session
Description: This API uses a content URI to access data from the current user session. It retrieves the cursor’s extras and extracts the result string from the extras bundle. If the result string is not empty, it must be parsed into a JSON object since that is the expected format for the result.
Note: Zebra recommends using this API instead of the Get Current User Session (Legacy) API.
Content URI: content://com.zebra.mdna.els.provider/v2/currentsession
Input Keys: None
Response: A Cursor object in JSON string format that contains the required bundle. A null or empty cursor indicates that no user is signed into the device.
This table details the key/value pairs returned in the response. The "Supported Mode" depends on the Application Mode configured for the Usage Mode under Managed Configurations.
| Key | Type | Supported Mode | Description/Value (Authentication Mode) | Description/Value (Proxy Mode) |
|---|---|---|---|---|
| authenticationFactors | JSON object | Authentication Mode | [Returns authentication factor details. See Sample Authentication Results below.] | N/A |
| adminByPassFactors | Array | Authentication Mode | [Returns authentication factor details. See Sample Authentication Results below.] | N/A |
| alternateFactors | Array | Authentication Mode | [Returns authentication factor details. See Sample Authentication Results below.] | N/A |
| factor | String | Authentication Mode | Specifies the type of authentication used: • PASSCODE • FACE • SSO |
N/A |
| factorType | String | Authentication Mode | Defines the level of authentication used: • PRIMARYPRIMARYFACTOR - Primary authentication • PRIMARYSECONDARYFACTOR1 - Secondary authentication • FALLBACKFACTOR1 -Fallback authentication |
N/A |
| status | String | Both | Current authentication status: • EXECUTED - Successful authentication • EXECUTED BUT NOT CONSIDERED - Primary authentication was successful but secondary authentication failed • TIMEDOUT - The authentication request timed out • USERSKIPPED -The user bypassed the SSO login prompt by pressing the back button, resulting to fallback authentication |
Current authentication status: • SUCCESS - Successful authentication • FAILED - Unsuccessful authentication |
| eventType | String | Both | Specifies the event that occurred: • Login - The user logged in to the device • Logout - The user logged out from the device |
Specifies the event that occurred: • Login - The user logged in to the device • Logout - The user logged out from the device |
| isSSOInformationAvailable | Boolean | Both | Availability of Single Sign-On (SSO) data: • 1 - SSO information is available; ssoInformation can be parsed for details• 0 - SSO information is not available |
[Empty value returned] |
| schemaVersion | String | Both | [Version of the authentication factors schema] | [Version of the authentication factors schema] |
| userLoggedInState | Integer | Both | User login status on the device: • 1 - The user is signed in or has checked out the device, updating the userLoginTime • 0 - The user is signed out or has checked in the device, updating the userLogoutTime |
User login status on the device: • 1 - The user is signed in or has checked out the device, updating the userLoginTime • 0 - The user is signed out or has checked in the device, updating the userLogoutTime |
| userId | String | Both | [Identifier for the user signed into the device, e.g., user1@zebra.com] | [Identifier for the user signed into the device, e.g., user1@zebra.com] |
| enrollmentInformation | JSON object | Authentication Mode | [Parent key] | N/A |
| enrollmentCreatedOn | Long | Authentication Mode | [Timestamp when the barcode was created, in EPOCH time, e.g., 1737983880029] | N/A |
| enrollmentCreatedOnDeviceModel | String | Authentication Mode | [Device model on which the barcode was created, e.g., TC58] | N/A |
| enrollmentCreatedOnDeviceSerialNo | String | Authentication Mode | [Serial number of device where the barcode was created] | N/A |
| enrollmentExpiryDate | Long | Authentication Mode | [Expiration date of the barcode, in EPOCH time, e.g., 1738156680000] | N/A |
| enrollmentId | String | Authentication Mode | [Unique identifier for the barcode, e.g., 1237983906027D4BA34E] | N/A |
| enrollmentType | String | Authentication Mode | Type of enrollment: • BARCODE • DEVICE |
N/A |
| securityTypes | String | Authentication Mode | Types of security mechanism in use: • FACE • PASSCODE • SSO |
N/A |
| storageType | String | Authentication Mode | Type of storage used for authentication: • BARCODE - For shared devices • DEVICE - For personal devices |
N/A |
| logOutInformation | JSON object | Both | [Parent key] | [Parent key - Visibly only when a user signs in under Proxy Mode] |
| logoutReason | String | Authentication Mode | Specifies the event that triggered the user logout: • on_lock - The user locked the device. • manual_logout - The user manually signed out using the Sign out button in Identity Guardian • user_change - The user signed out and another user signed in. • onAcPowerConnect -The device was connected to a power source. • onACPowerDisconnect -The device was disconnected from a power source. |
N/A |
| userLogoutTime | String | Both | [Timestamp when user logged out, in EPOCH format] | [Timestamp when user logged out, in EPOCH format] |
| loginInformation | JSON object | Both | [Parent key] | [Parent key - Visibly only when a user signs in under Proxy Mode] |
| userLoginTime | String | Both | [Timestamp when user logged in, in EPOCH format] | [Timestamp when user logged in, in EPOCH format] |
| ssoInformation | JSON object | Both | [Parent key] | [Parent key] |
| ssoAccessToken | String | Authentication Mode | [Access token for Single Sign-On] | N/A |
| ssoDataReceivedFromIDP | String | Authentication Mode | [Data received from Identity Provider] | N/A |
| ssoIDToken | String | Authentication Mode | [Single Sign-On ID token] | N/A |
| ssoProvider | string | Authentication Mode | Single Sign-On provider in use: • PingId • Microsoft • OKTA |
N/A |
| status | String | Both | Indicates the API response outcome: • SUCCESS • FAILED |
Indicates the API response outcome: • SUCCESS • FAILED |
| userInformation | JSON object | Both | [Parent key] | [Parent key with empty object] |
| userId | String | Both | Identifier for the user signed into the device, e.g., user1@zebra.com | Identifier for the user signed into the device, e.g., user1@zebra.com |
| userRole | String | Authentication Mode | [Role identifier based on data from the SSO provider] | N/A |
| errorCode | Integer | Both | 0 | 0 |
Note: The following keys are returned in EPOCH date/time format: enrollmentCreatedOn, enrollmentExpiryDate and userLoginTime.
Exceptions:
- NullPointerException – Returned if the URI or method is null
- IllegalArgumentException – Returned if the URI is not known
Sample Code
To retrieve current user session data, follow the example below:
URI Declaration: The URI_USER_CURRENT_SESSION_V2 is a static final URI that interacts with a content provider managing the current user session data. It is used to query the content provider for the current session data associated with the user.
public static final Uri URI_USER_CURRENT_SESSION_V2 = Uri.parse("content://com.zebra.mdna.els.provider/v2/currentsession");
Method to Get Current Session Data: This method demonstrates how to fetch current user session data from the content provider and parse it into a JSON object.
public void fetchCurrentUserSessionDataV2() {
ContentResolver cr = getContentResolver(); // Get the content resolver to query the provider
Cursor cursor = cr.query(URI_USER_CURRENT_SESSION_V2, null, null, null, null); // Query the provider using the V2 URI
try {
if (cursor != null) { // Check if the cursor is not null
Log.i(TAG, "Cursor info" + cursor.getExtras()); // Log cursor information
Bundle extras = cursor.getExtras(); // Get any extras data from the cursor
if (extras != null) {
String result = extras.getString("RESULT", ""); // Retrieve the "RESULT" data from the extras
Log.i(TAG, "getDataForCurrentUser: key is " + result); // Log the result string
if (!result.isEmpty()) { // Proceed if the result is not empty
try {
JSONObject resultObject = new JSONObject(result); // Parse the result string into a JSON object
Log.i(TAG, "Json Result : " + resultObject.toString(1)); // Log the formatted JSON result
} catch (Exception e) { // Catch any exceptions during JSON parsing
Log.i(TAG, "Exception in parsing " + e.getMessage()); // Log any parsing errors
}
}
}
}
} catch (Exception e) { // Catch any other exceptions during the query process
Log.e(TAG, "Exception in getDataForCurrentUser " + e.getMessage()); // Log the exception
} finally {
if (cursor != null) { // Ensure that the cursor is closed to prevent memory leaks
cursor.close();
}
}
}
Example Response
Sample response after a user authenticates and logs in to Identity Guardian in authentication mode:
{
"authenticationFactors":{
"adminByPassFactors": [],
"alternateFactors": [],
"factors":[
{
"factor":"PASSCODE",
"factorType":"PRIMARYPRIMARYFACTOR",
"status":"EXECUTED"
},
{
"factor":"SSO",
"factorType":"PRIMARYSECONDARYFACTOR1",
"status":"EXECUTED"
}
],
"schemaVersion":"1.0"
},
"enrollmentInformation":{
"enrollmentCreatedOn":"1737983880029",
"enrollmentCreatedOnDeviceModel":"TC58",
"enrollmentCreatedOnDeviceSerialNo":"",
"enrollmentExpiryDate":"1738156680000",
"enrollmentId":"1737983906027D4BA34E",
"enrollmentType":"BARCODE",
"securityTypes":"PASSCODE",
"storageType":"BARCODE"
},
"errorCode":0,
"eventType":"Login",
"lockScreenEventType":””
"isSSOInformationAvailable":1,
"logOutInformation":{
" logoutReason ":""
"userLogoutTime":""
},
"loginInformation":{
"userLoginTime":"1738247487590"
},
"schemaVersion":"2.0",
"ssoInformation":{
"ssoAccessToken":"",
"ssoDataReceivedFromIDP:"",
"ssoIDToken":"",
"ssoProvider":"Microsoft"
},
"status":"SUCCESS",
"userInformation":{
"userId":"user1@zebra.com",
"userRole":""
},
"userLoggedInState":"1"
}
Sample Authentication Results
Examples of authentication results, demonstrating the success or failure of primary, secondary, and fallback methods, illustrating various scenarios and their outcomes:
Primary and Secondary Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "EXECUTED" }, { "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Timed Out, Fallback Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "TIMEDOUT" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Successful, Secondary and Fallback Authentication Timed Out:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "EXECUTED BUT NOT CONSIDERED" }, { "Factor":"PASSCODE" "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "TIMEDOUT" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Successful for SSO, Secondary Skipped by User, Fallback Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Factor":"SSO", "Status": "EXECUTED BUT NOT CONSIDERED" }, { "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "USERSKIPPED" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],
Get Current User Session (Legacy)
Description: This API uses a content URI to access data from the current user session. It retrieves the cursor’s extras and extracts the result string from the extras bundle. If the result string is not empty, it must be parsed into a JSON object since that is the expected format for the result.
Warning: This API is deprecated and will be removed in a future release. Zebra recommends to use the Get Current User Session API instead.
Content URI: content://com.zebra.mdna.els.provider/currentsession
Input Keys: None
Response: A Cursor object in JSON string format that contains the required bundle. A null or empty cursor indicates that no user is signed into the device.
| Key | Type | Description/Value |
|---|---|---|
| code | integer | Status code indicating success or failure: 0 - Success 1 - Failure |
| status | string | Indicates the API response outcome: SUCCESS FAILED |
| schemaVersion | string | [Returns the version of the authentication factors schema] |
| authenticationFactors | JSON object | [Returns authentication factor details. Sample Authentication Results below.] |
| factor | string | Specifies the type of authentication used: • PASSCODE • FACE • SSO • ADMINBYPASS • NONE - Applies to "PRIMARYSECONDARYFACTOR1" and "FALLBACKFACTOR1" FactorType • NO_COMPARISON - Applies to "PRIMARYPRIMARYFACTOR" FactorType |
| factorType | String | Defines the level of authentication used: • PRIMARYPRIMARYFACTOR - Primary authentication • PRIMARYSECONDARYFACTOR1 - Secondary authentication • FALLBACKFACTOR1 -Fallback authentication |
| status | string | Current authentication status: • EXECUTED - Successful authentication • EXECUTED BUT NOT CONSIDERED - Primary authentication was successful but secondary authentication failed • TIMEDOUT - The authentication request timed out • USERSKIPPED -The user bypassed the SSO login prompt by pressing the back button, resulting to fallback authentication |
| eventType | string | Specifies the event that occurred: • Login • Logout |
| lockScreenEventType | string | Specifies the event that triggered the lock screen: • on_lock - The user locked the device. • manual_logout - The user manually signed out using the Sign out button in Identity Guardian • user_change - The user signed out and another user signed in. • onAcPowerConnect -The device was connected to a power source. • onACPowerDisconnect -The device was disconnected from a power source. |
| authenticationScheme | string | The authentication scheme used: • authenticationScheme1 • authenticationScheme2 • authenticationScheme3 • authenticationScheme4 |
| barcodeAuthenticatedOnDeviceSerialNo | string | [Serial number of device where barcode authentication occurred] |
| barcodeCreatedOn | string | [Timestamp when the barcode was created, in format yyyy-MM-dd HH:mm.sss+SSSZ, e.g., 2025-01-27 18:48.029+0530] |
| barcodeCreatedOnDeviceModel | string | [Device model where the barcode was created, e.g., TC58] |
| barcodeCreatedOnDeviceSerialNo | string | [Serial number of device where the barcode was created] |
| barcodeExpiryDate | string | [Expiration date of the barcode, in format yyyy-MM-dd HH:mm, e.g., 29-01-2025 18:48] |
| barcodeId | string | [Unique identifier for the barcode, e.g., 1737983906027D4BA34E] |
| deviceModel | string | [Device model in use, e.g., TC58] |
| securityTypes | string | Type of security mechanism in use: • FACE • PASSCODE • SSO |
| ssoAccessToken | string | [Access token for Single Sign-On] |
| ssoData | string | [Data related to SSO] |
| ssoProvider | string | Single Sign-On provider in use: • PingId • Microsoft • OKTA |
| storageType | string | Type of storage used for authentication: • BARCODE - For shared devices • DEVICE - For personal devices |
| userId | string | Identifier for the user signed into the device, e.g., user1@zebra.com |
| userLoggedInState | string | Represents the user's login status on the device: • 1 - The user is signed in or has checked out the device, updating the userLoginTime • 0 - The user is signed out or has checked in the device, updating the userLogoutTime |
| userLoginTime | string | [Timestamp when user signed in, formatted as yyyy-MM-dd HH:mm.sss+SSSZ, e.g. 2025-01-30 20:01.590+0530] |
| userLogoutTime | string | [Timestamp when user signed in, formatted as yyyy-MM-dd HH:mm.sss+SSSZ] |
| logoutReason | string | Specifies the event that triggered the user logout: • on_lock - The user locked the device. • manual_logout - The user manually signed out using the Sign out button in Identity Guardian • user_change - The user signed out and another user signed in. • onAcPowerConnect -The device was connected to a power source. • onACPowerDisconnect -The device was disconnected from a power source. |
| userRole | string | [Role identifier based on data from the SSO provider] |
Note: The following keys are returned in date/time format as "yyyy-MM-dd HH:mm.sss": userLoginTime, userLogoutTime, and barcodeCreatedOn.
Example response when a user logs into the device in authentication mode:
{
"code": 0,
"status": "SUCCESS",
"userData": {
"authenticationFactors": {
"schemaVersion": "1.0",
"factors": [
{
"factor": "PASSCODE",
"factorType": "PRIMARYPRIMARYFACTOR",
"status": "EXECUTED"
},
{
"factor": "SSO",
"factorType": "PRIMARYSECONDARYFACTOR1",
"status": "EXECUTED"
}
],
"eventType": "CurrentUser"
"lockScreenEventType":””
},
"authenticationScheme": "authenticationScheme1",
"barcodeAuthenticatedOnDeviceSerialNo": "",
"barcodeCreatedOn": "2025-01-27 18:48.029+0530",
"barcodeCreatedOnDeviceModel": "TC58",
"barcodeCreatedOnDeviceSerialNo": "",
"barcodeExpiryDate": "29-01-2025 18:48",
"barcodeId": "1737983906027D4BA34E",
"deviceModel": "TC58",
"securityTypes": "PASSCODE",
"ssoAccessToken": ".",
"ssoData": "",
"ssoProvider": "Microsoft",
"storageType": "BARCODE",
"userId": "user1@zebra.com",
"userLoggedInState": "1",
"userLoginTime": "2025-01-30 20:01.590+0530",
"userLogoutTime": "",
"logoutReason ":""
"userRole": ""
}
}
Exceptions:
- NullPointerException – Returned if the URI or method is null
- IllegalArgumentException – Returned if the URI is not known
Sample Authentication Results
Examples of authentication results, demonstrating the success or failure of primary, secondary, and fallback methods, illustrating various scenarios and their outcomes:
Primary and Secondary Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "EXECUTED" }, { "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Timed Out, Fallback Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "TIMEDOUT" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Successful, Secondary and Fallback Authentication Timed Out:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "EXECUTED BUT NOT CONSIDERED" }, { "Factor":"PASSCODE" "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "TIMEDOUT" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Successful for SSO, Secondary Skipped by User, Fallback Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Factor":"SSO", "Status": "EXECUTED BUT NOT CONSIDERED" }, { "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "USERSKIPPED" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],
Sample Code
To retrieve current user session data, follow the example below:
URI Declaration: The URI_USER_CURRENT_SESSION is a static final URI that interacts with a content provider managing the current user session data. It is used to query the content provider for the current session data associated with the user.
public static final Uri URI_USER_CURRENT_SESSION = Uri.parse("content://com.zebra.mdna.els.provider/currentsession");
Method to Get Current Session Data: This method demonstrates how to fetch current user session data from the content provider and parse it into a JSON object.
public void fetchCurrentUserSessionData() {
ContentResolver cr = getContentResolver(); // Get the content resolver to query the provider
Cursor cursor = cr.query(URI_USER_CURRENT_SESSION, null, null, null, null); // Query the provider using the URI
try {
if (cursor != null) { // Check if cursor is not null
Log.i(TAG, "Cursor info" + cursor.getExtras()); // Log cursor information
Bundle extras = cursor.getExtras(); // Get any extras data from the cursor
if (extras != null) {
String result = extras.getString("RESULT", ""); // Retrieve the "RESULT" data from the extras
Log.i(TAG, "getDataForCurrentUser: key is " + result); // Log the result string
if (!result.isEmpty()) { // Proceed if the result is not empty
try {
JSONObject resultObject = new JSONObject(result); // Parse the result string into a JSON object
Log.i(TAG, "Json Result : " + resultObject.toString(1)); // Log the formatted JSON result
} catch (Exception e) { // Catch any exceptions that occur during JSON parsing
Log.i(TAG, "Exception in parsing " + e.getMessage()); // Log parsing exceptions
}
}
}
}
} catch (Exception e) { // Catch any other exceptions during the query process
Log.e(TAG, "Exception in getDataForCurrentUser " + e.getMessage()); // Log the exception
} finally {
if (cursor != null) { // Ensure the cursor is closed to avoid memory leaks
cursor.close();
}
}
}
Get Previous User Session
Description: This API uses a content URI to access data from the previous user session. It retrieves the cursor’s extras and extracts the result string from the extras bundle. If the result string is not empty, it must be parsed into a JSON object since that is the expected format for the result.
Content URI: content://com.zebra.mdna.els.provider/previoussession
Input Keys: None
Response: A Cursor object in JSON string format that contains the required bundle. A null or empty cursor indicates that no user is signed into the device.
| Key | Type | Description/Value |
|---|---|---|
| code | integer | Status code indicating success or failure: 0 - Success 1 - Failure |
| status | string | Indicates the API response outcome: SUCCESS FAILED |
| authenticationFactors.schemaVersion | JSON object | [Returns authentication factor details. Sample Authentication Results below.] |
| schemaVersion | string | [Returns the version of the authentication factors schema] |
| factor | string | Specifies the type of authentication used: • PASSCODE • FACE • SSO • ADMINBYPASS • NONE - Applies to "PRIMARYSECONDARYFACTOR1" and "FALLBACKFACTOR1" FactorType • NO_COMPARISON - Applies to "PRIMARYPRIMARYFACTOR" FactorType |
| Factor Type | String | Defines the level of authentication used: • PRIMARYPRIMARYFACTOR - Primary authentication • PRIMARYSECONDARYFACTOR1 - Secondary authentication • FALLBACKFACTOR1 -Fallback authentication |
| status | string | Current authentication status: • EXECUTED - Successful authentication • EXECUTED BUT NOT CONSIDERED - Primary authentication was successful but secondary authentication failed • TIMEDOUT - The authentication request timed out • USERSKIPPED -The user bypassed the SSO login prompt by pressing the back button, resulting to fallback authentication |
| eventType | string | Identifies the user who was authenticated: • PreviousUser - The user from the previous session. • CurrentUser - The user from the current session. |
| barcodeAuthenticatedOnDeviceSerialNo | string | [Serial number of device where barcode authentication occurred] |
| barcodeCreatedOn | string | [Timestamp when the barcode was created, in format yyyy-MM-dd HH:mm.sss+SSSZ, e.g., 2025-01-27 18:48.029+0530] |
| barcodeCreatedOnDeviceModel | string | [Device model where the barcode was created, e.g., TC58] |
| barcodeCreatedOnDeviceSerialNo | string | [Serial number of device where the barcode was created] |
| barcodeExpiryDate | string | [Expiration date of the barcode, in format yyyy-MM-dd HH:mm, e.g., 29-01-2025 18:48] |
| barcodeId | string | [Unique identifier for the barcode, e.g., 1737983906027D4BA34E] |
| deviceModel | string | [Device model in use, e.g., TC58] |
| logoutReason | string | Specifies the event that triggered the user logout: • on_lock - The user locked the device. • manual_logout - The user manually signed out using the Sign out button in Identity Guardian • user_change - The user signed out and another user signed in. • onAcPowerConnect -The device connected to a power source. • onACPowerDisconnect -The device disconnected from a power source. |
| securityTypes | string | Type of security mechanism in use: • FACE • PASSCODE • SSO |
| ssoAccessToken | string | [Access token for Single Sign-On] |
| ssoData | string | [Data related to SSO] |
| ssoProvider | string | Single Sign-On provider in use: • PingId • Microsoft • OKTA |
| storageType | string | Type of storage used for authentication: • BARCODE - For shared devices • DEVICE - For personal devices |
| userId | string | Identifier for the user signed into the device, e.g., user1@zebra.com |
| userLoggedInState | string | Represents the user's login status on the device: • 1 - The user is signed in or has checked out the device, updating the userLoginTime • 0 - The user is signed out or has checked in the device, updating the userLogoutTime |
| userLoginTime | string | [Timestamp when user signed in format yyyy-MM-dd HH:mm.sss+SSSZ, e.g. 2025-01-30 20:01.590+0530] |
| userLogoutTime | string | [Timestamp when user signed in format yyyy-MM-dd HH:mm.sss+SSSZ] |
| userRole | string | [Role identifier based on data from the SSO provider] |
Example response when a user logs into the device in authentication mode:
{
"code":0,
"status":"SUCCESS",
"userData":{
"authenticationFactors":"{\"schemaVersion\":\"1.0\",\"factors\":[{\"factor\":\"PASSCODE\",\"factorType\":\"PRIMARYPRIMARYFACTOR\",\"status\":\"EXECUTED\"},{\"factor\":\"SSO\",\"factorType\":\"PRIMARYSECONDARYFACTOR1\",\"status\":\"EXECUTED\"}],\"eventType\":\"PreviousUser\"}",
"barcodeAuthenticatedOnDeviceSerialNo":"",
"barcodeCreatedOn":"2025-01-27 18:48.029+0530",
"barcodeCreatedOnDeviceModel":"TC58",
"barcodeCreatedOnDeviceSerialNo":"",
"barcodeExpiryDate":"29-01-2025 18:48",
"barcodeId":"1737983906027D4BA34E",
"deviceModel":"TC58",
"logoutReason":"on_device_manual_checkin",
"securityTypes":"PASSCODE",
"ssoAccessToken":"abcde12345. ",
"ssoData":"{\"aud\":\"f46bf88f-e5a7-441d-bc19-096b2dacdde2\",\"iss\":\"https:\/\/login.microsoftonline.com\/fcefc790-f4eb-456b-86fa-0e8153bac15c\/v2.0\",\"iat\":1738296787,\"nbf\":1738296787,\"exp\":1738300687,\"aio\":\"AWQAm\/8ZAAAAmCTlSl+wuMlynM47fKj7nL1+7BZSgS0pxjxHji+gi4gL3xbx3mPoK2VQ7UzPwLhZgSzetL8cWPT48HIT85s5wSmLWHt6hLuGKzw9JQdnRkYlKezBcT5IGiF3717ocYRE\",\"name\":\"test.user\",\"oid\":\"d2da2d27-ae35-43eb-b3a2-b398890b50d9\",\"preferred_username\":\"test.user@zebra.com\",\"rh\":\"1.Ab4AkMfv_Ov0a0WG-g6BU7rBXI_4a_Sn5R1EvBkJay2s3eK-AL--AA.\",\"sid\":\"0013de09-e09d-39a2-c5ef-060305d43ea1\",\"sub\":\"E7p4Dj1EjzcGFiSF327esrZZBs66CRR45Lr-qH9tcAw\",\"tid\":\"fcefc790-f4eb-456b-86fa-0e8153bac15c\",\"uti\":\"MypFFrvIQEajJLVv3TKCAA\",\"ver\":\"2.0\"}",
"ssoProvider":"Microsoft",
"storageType":"BARCODE",
"userId":"test.user@zebra.com",
"userLoggedInState":"0",
"userLoginTime":"2025-01-31 09:48.446+0530",
"userLogoutTime":"2025-01-31 09:48.934+0530",
"userRole":""
}
}
Sample Code
To retrieve previous user session data, follow the example below:
URI Declaration: The URI_PREVIOUS_USER_SESSION is a static final URI that interacts with a content provider managing the previous user session data. It is used to query the content provider for the previous session data associated with the user.
public static final Uri URI_PREVIOUS_USER_SESSION = Uri.parse("content://com.zebra.mdna.els.provider/previoussession");
Method to Get Current Session Data: This method demonstrates how to fetch previous user session data from the content provider and parse it into a JSON object.
public void fetchPreviousUserSessionData() {
ContentResolver cr = getContentResolver();
Cursor cursor = cr.query(URI_PREVIOUS_USER_SESSION, null, null, null, null);
try {
if (cursor != null) {
Log.i(TAG, "Previous user Cursor info" + cursor.getExtras());
Bundle extras = cursor.getExtras();
if (extras != null) {
String result = extras.getString("RESULT", "");
Log.i(TAG, "getDataForPreviousUser: key is " + result);
if (!result.isEmpty()) {
try {
JSONObject resultObject = new JSONObject(result);
Log.i(TAG, "Json Result : " + resultObject.toString(1));
} catch (Exception e) {
Log.i(TAG, "Exception in parsing " + e.getMessage());
}
}
}
}
} catch (Exception e) {
Log.e(TAG, "Exception in getDataForPreviousUser " + e.getMessage());
} finally {
if (cursor != null) {
cursor.close();
}
}
}
Sample Authentication Results
Examples of authentication results, demonstrating the success or failure of primary, secondary, and fallback methods, illustrating various scenarios and their outcomes:
Primary and Secondary Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "EXECUTED" }, { "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Timed Out, Fallback Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "TIMEDOUT" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Successful, Secondary and Fallback Authentication Timed Out:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Status": "EXECUTED BUT NOT CONSIDERED" }, { "Factor":"PASSCODE" "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "TIMEDOUT" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],Primary Authentication Successful for SSO, Secondary Skipped by User, Fallback Authentication Successful:
"factors": [ { "FactorType": "PRIMARYPRIMARYFACTOR", "Factor":"SSO", "Status": "EXECUTED BUT NOT CONSIDERED" }, { "FactorType": "PRIMARYSECONDARYFACTOR1", "Status": "USERSKIPPED" }, { "FactorType": "FALLBACKFACTOR1", "Status": "EXECUTED" } ],
Set Current User Session
Description: When third-party apps are used to block the device screen instead of Identity Guardian, the app informs Identity Guardian by invoking Session Sign-In State when a user signs in, or Session Sign-Out State when a user signs out. To function in this mode, Identity Guardian must be configured to Proxy Mode by setting the Application Mode to "Proxy.”
Set Session Sign-In State
Description: This API uses a content URI to notify Identity Guardian when a user signs in through a third-party app that blocks the device screen in place of Identity Guardian. It informs Identity Guardian that a user session has started, ensuring user authentication and access control are effectively handled in Proxy Mode. The API returns a result string from the bundle and if the result string is not empty, it should be parsed as a JSON object.
Content URI: content://com.zebra.mdna.els.provider/currentsession
Input Keys:
| Key | Value Type | Description | Requirement |
|---|---|---|---|
| user_id | [string] | The email address of the user signing in. | Mandatory |
| signed_in_state | boolean | Indicates whether the user is signed in. Default = true. | Mandatory |
| signin_time | string | The date and time of sign-in, obtained using getCurrentDateAndTimeFormat
(System.currentTimeMillis()).
|
Mandatory |
| signout_time | [string] | The sign-out time, initially empty. | Optional |
| METHOD_NAME | [string] | The name of the method being called on the ContentResolver. Default = "currentsession". | Mandatory |
Response: The response returns a Cursor object that contains the required bundle.
Sample Code
To set the current user session sign-in state:
public void setSessionSignInState() {
ContentResolver contentResolver = getContentResolver();
Uri uri = Uri.parse("content://com.zebra.mdna.els.provider/");
String METHOD_NAME = "currentsession";
// Creating a bundle to pass user session information
Bundle bundle = new Bundle();
bundle.putString("user_id", "user1@zebra.com");
bundle.putBoolean("signed_in_state", true);
bundle.putString("signin_time", getCurrentDateAndTimeFormat(System.currentTimeMillis()));
bundle.putString("signout_time", ""); // Sign-out time is initially empty
// Calling the content resolver to get the current session data
Bundle response = contentResolver.call(uri, METHOD_NAME, null, bundle);
// Checking if the response is not null and contains the "RESULT" key
if (response != null && response.containsKey("RESULT")) {
// Logging the proxy result
Log.i(TAG, response.getString("RESULT"));
}
}
Sample Response
{
"status": "SUCCESS",
"message": "successfully executed"
}
Set Session Sign-Out State
Description: This API uses a content URI to notify Identity Guardian when a user signs out through a third-party app that blocks the device screen in place of Identity Guardian. It informs Identity Guardian that a user session has ended, ensuring user authentication and access control are effectively handled in Proxy Mode. The API returns a result string from the bundle and if the result string is not empty, it should be parsed as a JSON object.
Content URI: content://com.zebra.mdna.els.provider/currentsession
Input Keys:
| Key | Value Type | Description | Requirement |
|---|---|---|---|
| user_id | [string] | The email address of the user signing in. | Mandatory |
| signed_out_state | boolean | Indicates whether the user is signed out. Default = false. | Mandatory |
| signin_time | string | The sign-in time. Default = (null) | Optional |
| signout_time | [string] | The date and time of sign-out, obtained using getCurrentDateAndTimeFormat
(System.currentTimeMillis()). |
Mandatory |
| METHOD_NAME | [string] | The name of the method being called on the ContentResolver. Default = "currentsession". | Mandatory |
Response: The response returns a Cursor object that contains the required bundle.
Sample Code
To set the current user session sign-out state:
public void setSessionSignOutState() {
ContentResolver contentResolver = getContentResolver();
Uri uri = Uri.parse("content://com.zebra.mdna.els.provider/");
String METHOD_NAME = "currentsession";
// Creating a bundle to pass user session information
Bundle bundle = new Bundle();
bundle.putString("user_id", "user1@zebra.com");
bundle.putBoolean("signed_in_state", false);
bundle.putString("signin_time", ""); // Sign-in time is left empty for sign-out state
bundle.putString("signout_time", getCurrentDateAndTimeFormat(System.currentTimeMillis())); // Setting the current sign-out time
// Calling the content resolver to update the current session data
Bundle response = contentResolver.call(uri, METHOD_NAME, null, bundle);
// Checking if the response is not null and contains the "RESULT" key
if (response != null && response.containsKey("RESULT")) {
Log.i(TAG, response.getString("RESULT"));
}
}
Sample Response
{
"status": "SUCCESS",
"message": "successfully executed"
}
Start Authentication
Description: This API uses a content URI to launch Identity Guardian and display its lock screen, restricting device access until the user successfully signs in and authenticates.
Content URI: content://com.zebra.mdna.els.provider/lockscreenaction/startauthentication
Input Keys:
| Key | Description/Value |
|---|---|
| user_verification | Specifies the authentication scheme to apply for the user: • authenticationScheme1 • authenticationScheme2 • authenticationScheme3 • authenticationScheme4 |
| launchflag | Determines the accessibility of certain device features: • blocking - The notification bar, system bar, home button and recent button are disabled, preventing user access to these features. • unblocking - Allows standard device operations with normal access to the notification bar, system bar, home button and recent button. |
Return RESULT for authState:
- IN_PROGRESS - The device screen is in the process of being locked by Identity Guardian.
- BUSY - The device screen is already locked by another application.
- SUCCESS - The device screen is successfully locked by Identity Guardian.
- ERROR - An exception has occurred.
Response: None
Sample Code
String BASE_URI = "content://com.zebra.mdna.els.provider/";
private final String USER_VERIFICATION = "user_verification";
private final String LAUNCH_FLAG = "launchflag";
Uri uri = Uri.parse(BASE_URI);
String METHOD_NAME = "lockscreenaction";
String API_NAME = "startauthentication";
ContentResolver cr = getContentResolver();
Bundle bundle = new Bundle();
bundle.putString(USER_VERIFICATION, "authenticationScheme1");
bundle.putString(LAUNCH_FLAG, "blocking");
Bundle response = cr.call(uri, METHOD_NAME, API_NAME, bundle);
if (response != null && response.containsKey("RESULT")) {
Log.i(TAG, response.getString("RESULT"));
}
Get Authentication Status
Description: After invoking Start Authentication, monitor the Identity Guardian status of screen lock state and user sign in/out by registering for notifications for these state changes. For example, if Identity Guardian launched successfully, is about to launch or is launched by another application, listen for these notifications to determine if further action is needed.
Content URI: content://com.zebra.mdna.els.provider/lockscreenaction/authenticationstatus
Return RESULT for authState:
- IN_PROGRESS - The device screen is in the process of being locked by Identity Guardian.
- BUSY - The device screen is already locked by another application.
- SUCCESS - The device screen is successfully locked by Identity Guardian.
- ERROR - An exception has occurred.
To register for application state changes (sign-in/out, screen lock status):
Uri URI_AUTHENTICATION_STATUS = Uri.parse("content://com.zebra.mdna.els.provider/lockscreenaction/authenticationstatus");
cr.registerContentObserver(URI_AUTHENTICATION_STATUS,false,contentObserverAuthenticationStatus);
contentObserverAuthenticationStatus = new ContentObserver(new Handler(getMainLooper())) {
@Override
public void onChange(boolean selfChange, Uri uri) {
super.onChange(selfChange, uri);
Log.d(TAG, "content has changed, uri = " + uri);
}
}
Sample Code
Uri uri = Uri.parse(BASE_URI + "lockscreenaction/authenticationstatus");
ContentResolver cr = getContentResolver();
Cursor cursor = cr.query(uri, null, null, null, null);
if (cursor != null){
Bundle bundle = cursor.getExtras();
if (bundle != null && bundle.containsKey("RESULT")) {
String valueFromBundle = bundle.getString("RESULT");
Log.i("TAG", "" + valueFromBundle);
}
}
Sample Response
{
"code":0,
"message":"Authenticated user",
"status":"SUCCESS",
"userData":{
"applicationId":"com.test.lob_testapp_2",
"authenticationFactors":"{\"schemaVersion\":\"1.0\",\"factors\":[{\"factor\":\"FACE\",\"factorType\":\"PRIMARYPRIMARYFACTOR\",\"status\":\"EXECUTED\"},{\"factor\":\"SSO\",\"factorType\":\"PRIMARYSECONDARYFACTOR1\",\"status\":\"EXECUTED\"}],\"eventType\":\"CurrentUser\",\"lockScreenEventType\":\"\"}",
"barcodeId":"1739865839261241C0FF",
"securityTypes":"PASSCODE,FACE",
"ssoAccessToken":"abcde12345",
"ssoData":"{\"aud\":\"f46bf88f-e5a7-441d-bc19-096b2dacdde2\",\"iss\":\"https://login.microsoftonline.com/fcefc790-f4eb-456b-86fa-0e8153bac15c/v2.0\",\"iat\":1739987646,\"nbf\":1739987646,\"exp\":1739991546,\"aio\":\"AWQAm/8ZAAAARnEq5w9eYS5XuZD3mLC0Oj3ZEk7B5P2S1tHqMTir3iOzFsJesfokcttY3J0NJyzDA3nrILT4LnebsK74zA4zSrPP2Zt4MhivOClX+RtNiqwy7dHVDRes8Zuhef2CQw2Y\",\"name\":\"sujith.chakka\",\"oid\":\"d2da2d27-ae35-43eb-b3a2-b398890b50d9\",\"preferred_username\":\"sujith.chakka@zebrablr.onmicrosoft.com\",\"rh\":\"1.Ab4AkMfv_Ov0a0WG-g6BU7rBXI_4a_Sn5R1EvBkJay2s3eK-AL--AA.\",\"sid\":\"00217299-9dc2-713f-e49f-65fceaf50e08\",\"sub\":\"E7p4Dj1EjzcGFiSF327esrZZBs66CRR45Lr-qH9tcAw\",\"tid\":\"fcefc790-f4eb-456b-86fa-0e8153bac15c\",\"uti\":\"Gb8Qwz5knUatbiriY7ejAA\",\"ver\":\"2.0\"}",
"ssoProvider":"Microsoft",
"storageType":"BARCODE",
"userId":"sujith.chakka@zebrablr.onmicrosoft.com",
"userLoggedInState":"SUCCESS",
"userLoginTime":"1739987947747",
"userRole":"",
"validThrough":"1740124980000"
}
}
Logout User
Description: This API uses a content URI to log out the user who has authenticated on the device. It interacts with a content provider to execute the logout and returns a response from the provider. This is applicable when Proxy Mode is not active.
Content URI: content://com.zebra.mdna.els.provider/currentsession
Input Keys: None
Response: The response returns a Cursor object that contains the required bundle.
Sample Code
public void userSessionLogout() {
Uri uri = Uri.parse(BASE_URI); // Content provider URI
String METHOD_NAME = "lockscreenaction"; // Method name for lock screen actions
String API_NAME = "logout"; // API name for logout operation
ContentResolver cr = getContentResolver(); // Get content resolver to interact with the provider
Bundle response = cr.call(uri, METHOD_NAME, API_NAME, null); // Send logout request to content provider
if (response != null && response.containsKey("RESULT")) {
// Check if response is valid and contains the expected RESULT key
provider_response.setText(response.getString("RESULT")); // Update UI with the response message
Log.i(TAG, "ZBA_LOCK STATE: " + response.getString("RESULT")); // Log the result
}
}
Sample Response
Sample response for a user that successfully logs out:
{
"status": "SUCCESS",
}
Lock Screen Message
Description: This API allows messages to be displayed on the Identity Guardian lock screen of a device, enabling communication of important information to users even when their devices are locked. Applications can create custom messages with specified titles, descriptions and severity types, and also configure the message's timeout duration and dismissibility.
Input Parameters:
| Parameter | Value Type | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| BASE_URI | [string] | The base URI for the content provider: content://com.zebra.mdna.els.provider/ |
||||||||||
| METHOD_NAME | [string] | The method name for the lock screen action: lockscreenaction | ||||||||||
| API_NAME | [string] | The API name for showing the message: showmessage | ||||||||||
| Bundle Parameters | (varies, see description) |
|
Response: None
Sample Code
Sample code demonstrating how to display a lock screen message:
public static final String BASE_URI = "content://com.zebra.mdna.els.provider/";
public void executeLockScreenAction() {
// Retrieving input values from the UI components
EditText title = findViewById(R.id.title);
EditText msg = findViewById(R.id.message);
EditText timeout = findViewById(R.id.timeout);
EditText type = findViewById(R.id.messagetype);
CheckBox dismiss = findViewById(R.id.checkbox_dismiss);
// Parsing the base URI
Uri uri = Uri.parse(BASE_URI);
String METHOD_NAME = "lockscreenaction";
String API_NAME = "showmessage";
// Creating a ContentResolver instance
ContentResolver cr = getContentResolver();
// Creating a bundle to pass the message parameters
Bundle bundle = new Bundle();
bundle.putString("Title", title.getText().toString().trim()); // Title of the message
bundle.putString("Message", msg.getText().toString().trim()); // Message description
bundle.putString("Type", type.getText().toString().trim()); // Type of the message (e.g., critical, error, etc.)
try {
// Setting the timeout duration
bundle.putInt("Timeout", Integer.parseInt(timeout.getText().toString()));
} catch (Exception e) {
bundle.putInt("Timeout", 0); // Default timeout value if parsing fails
}
// Setting the dismissibility of the message
bundle.putBoolean("Dismissible", dismiss.isChecked());
// Calling the content provider to display the message
Bundle response = cr.call(uri, METHOD_NAME, API_NAME, bundle);
// Handling the response from the content provider
if (response != null && response.containsKey("RESULT")) {
Log.i(TAG, response.getString("RESULT"));
if (response.getString("RESULT").equals("SUCCESS")) {
if (response.containsKey("DATA")) {
Log.i(TAG, "Data received: " + response.getString("RESULT") + " " + response.getString("DATA"));
provider_response.setText(response.getString("RESULT") + " " + response.getString("DATA"));
}
} else {
Log.i(TAG, "Result received: " + response.getString("RESULT"));
provider_response.setText(response.getString("RESULT"));
}
}
}
Developer Guide
For in-depth guidance on use of Identity Guardian APIs, refer to the blog post Mastering Identity Guardian APIs written by a Zebra developer, along with the corresponding sample app.