\n
![](\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiFNDf69dCL-P2rn6PajockzNlxC57Z9hy3TaBi4Mi66aoKjamiB3M_nfk1CoSLKSieFcRSJbywsSfcEgvHNAhs3yc8K792Ig5r_lerGg4qL3n1Rb6_Xa0UHXdlHlVFwujegymT5esaB3hBVHS9u113MrDLEYIYda6O1dnQ8UNGTY0E5eiEuDiBSXUY_W4\/s1600\/Restore-Credentials-Feature.png\")
<\/p>\n\nPosted by Neelansh Sahai<\/a> – Developer Relations Engineer <\/em>\n<\/p>\n Did you know that, on average, 40% of the people in the US reset or replace their smartphones every year<\/a>? This frequent device turnover presents a challenge \u2013 and an opportunity \u2013 for maintaining strong user relationships. When users get a new phone, the friction of re-entering login credentials can lead to frustration, app abandonment, and churn.<\/p>\n To address this issue, we’re introducing Restore Credentials<\/a>, a new feature of Android\u2019s Credential Manager API. With Restore Credentials, apps can seamlessly onboard users to their accounts on a new device after they restore their apps and data from their previous device. This makes the transition to a new device effortless and fosters loyalty and long term relationships.<\/p>\n On top of all this, there’s no developer effort required for the transfer of a restore key from one device to the other, as this process is tied together with the android system\u2019s backup and restore mechanism. However, if you want to login your users silently as soon as the restore is completed, you might want to implement BackupAgent<\/span> and add your logic in the onRestore<\/span> callback. The experience is delightful – users will continue being signed in as they were on their previous device, and they will be able to get notifications to easily access their content without even needing to open the app on the new device.<\/p>\n <\/a> Some of the benefits of the Restore Credentials feature include:<\/p>\n The Restore Credentials feature enables seamless user account restoration on a new device. This process occurs automatically in the background during device setup when a user restores apps and data from a previous device. By restoring app credentials, the feature allows the app to sign the user back in without requiring any additional interaction.<\/p>\n The credential type that\u2019s supported for this feature is called restore key, which is a public key compatible with passkey \/ FIDO2<\/a> backends.<\/p>\n <\/a> On the old device:<\/p>\n On the new device:<\/p>\n Note:<\/b> You should delete the restore key as soon as the user signs out. You don\u2019t want your user to get stuck in a cycle of signing out intentionally and then automatically getting logged back in.<\/p><\/blockquote>\n Using the Jetpack Credential Manager<\/a> let you create, get, and clear the relevant Restore Credentials:<\/p>\n Restore Credentials is available through the Credential Manager Jetpack library. The minimum version of the Jetpack Library is 1.5.0-beta01<\/span>, and the minimum GMS version is 242200000<\/span>. For more on this, refer to the Restore Credentials DAC page<\/a>. To get started, follow these steps:<\/p>\n NOTE:<\/b> Set the isCloudBackupEnabled<\/span> flag to false if you want the restoreKey<\/span> to be stored locally and not in the cloud. It\u2019s set as true<\/span> by default<\/p><\/blockquote>\n<\/ul>\n<\/ul>\n 4. When the user sets up a new device, call the getCredential()<\/span> method on the CredentialManager<\/span> object.<\/p>\n<\/ul>\n If you’re using a backup agent, perform the getCredential<\/span> part within the onRestore<\/span> callback. This ensures that the app’s credentials are restored immediately after the app data is restored.<\/p>\n 5. When the user signs out of your app, call the clearCredentialState()<\/span> method on the CredentialManager<\/span> object.<\/p>\n<\/ul>\n The Restore Credentials<\/a> feature provides significant benefits, ensuring users experience a smooth transition between devices, and allowing them to log in quickly and easily through backup agents or restore key checks. For developers, the feature is straightforward to integrate and leverages existing passkey server-side infrastructure. Overall, Restore Credentials is a valuable tool that delivers a practical and user-friendly authentication solution.<\/p>\n <\/p>\n <\/p>\n This blog post is a part of our series: Spotlight Week: Passkeys. We’re providing you with a wealth of resources through the week. Think informative blog posts, engaging videos, practical sample code, and more\u2014all carefully designed to help you leverage the latest advancements in seamless sign-up and sign-in experiences.<\/p>\n With these cutting-edge solutions, you can enhance security, reduce friction for your users, and stay ahead of the curve in the rapidly evolving landscape of digital identity. To get a complete overview of what Spotlight Week has to offer and how it can benefit you, be sure to read our overview blog post<\/a>.<\/p>\n <\/em><\/p>\n<\/div>\n![](\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgaUCM7kC2VqW2Qj6AARAvYVJeHB1LuJfEdWyq5Mnti-YWlGWUAR32PkCHbobrLOcX3bZC-ew0hXmMcttv-Xg0fC9xgCyEMNQmNwZfhDpRnksMLANOAYJuTpvpczK39FddpBXFiZiErz31ohyphenhyphen3kO2q3SzfSJEei3Ohpn8o04w0GaSFEneNRwHIKrs89-Po\/s1600\/Restore-Credentials-Banner.png\"\/)
<\/a><\/p>\n![\"An](\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEioVNXeUrZrDWS0sg0gXLqSsl6Y8H59_QfiVjGzN_Z7BnHLsqXp9P4vkOYXX2l_G3Onicdfx7Clc6lj1NacegSIdHyumLG15aDdsBxiXFIOmZMo9A7I7bBHyHYOSeiITy5cD4qD8428fmUID2EZ6vq6ooZT7FzcE4Tjf_c8btK8CMr_dF75a7Fnqb-77_Q\/s16000\/Restore-Credentials-Feature%20(1).png\"\/)
<\/div>\n\n
\n
\n
\n
\n
How does Restore Credentials work?<\/h3>\n
![\"A](\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh-sTZ9gUWdJF8GQaex0kGVdy0LSBwfOI9eC_iAozsGw-TaVhLLkUyGvTXqniDeYwy72qvrIVPqUcfODfh2onvm3Lz7GfqDwcvuxjh-lEBY-wF5a0F-_TiZ_8jsSbg9ZI5ROSq35WxWsYapt4LUcwHhUIz8xW4vTG-DqgjnIbPUDzMfgqzFva9vJPESSxo\/s1600\/image2.png\"\/)
<\/div>\nUser flow<\/h3>\n
\n
\n
How to implement Restore Credentials<\/h3>\n
\n
\n
\n
\n
\/\/ build.gradle.kts<\/span>\nimplementation(\"androidx.credentials:credentials:1.5.0-beta01\"<\/span>)\n<\/pre>\n<\/div>\n\/\/ Fetch Registration JSON from server<\/span>\n\/\/ Same as the registrationJson created at the time of creating a Passkey<\/span>\n\/\/ See documentation for more info<\/span>\nval<\/span> registrationJson = ... \n\n\/\/ Create the CreateRestoreCredentialRequest object<\/span>\n\/\/ Pass in the registrationJSON <\/span>\nval<\/span> createRequest = CreateRestoreCredentialRequest(\n registrationJson,\n \/* isCloudBackupEnabled = *\/<\/span> true<\/span>\n)\n<\/pre>\n<\/div>\n\n
\n
val<\/span> credentialManager = CredentialManager.create(context)\n\n\/\/ On a successful authentication create a Restore Key<\/span>\n\/\/ Pass in the context and CreateRestoreCredentialRequest object<\/span>\nval<\/span> response = credentialManager.createCredential(\n context,\n createRestoreRequest\n)\n<\/pre>\n<\/div>\n\n
\/\/ Fetch the Authentication JSON from server<\/span>\nval<\/span> authenticationJson = ...\n\n\/\/ Create the GetRestoreCredentialRequest object<\/span>\nval<\/span> options = GetRestoreCredentialOption(authenticationJson)\nval<\/span> getRequest = GetCredentialRequest(Immutablelist.of(options))\n\n\/\/ The restore key can be fetched in two scenarios to <\/span>\n\/\/ 1. On the first launch of app on the device, fetch the Restore Key<\/span>\n\/\/ 2. In the onRestore callback (if the app implements the Backup Agent)<\/span>\nval<\/span> response = credentialManager.getCredential(context, getRequest)\n<\/pre>\n<\/div>\n\n
\/\/ Create a ClearCredentialStateRequest object<\/span>\nval<\/span> clearRequest = ClearCredentialStateRequest(\/* requestType = *\/<\/span> 1<\/span>)\n\n\/\/ On user log-out, clear the restore key<\/span>\nval<\/span> response = credentialManager.clearCredentialState(clearRequest)\n<\/pre>\n<\/div>\nConclusion<\/h3>\n