Most of the apps on Play Store has a Sign-in flow for users to create an account or simply to authenticate them.

If each time the user signs into the app, or installs the same app on another device, then she has to remember the password and other details like username that was used and enter it to successfully sign into the app.

We can’t expect users to remember passwords. If a person forgets the credentials, she requests to reset the password. So there are chances that the new password may also be forgotten.

If we can make the user not go through this process each time she logs-in, then we can gain more less-frustrated users.

This can be achieved using Google’s Smart Lock for Passwords on Android.

What is it?

Smart Lock allows users to save their credentials when they sign-up/sign-in to the app, so they don’t need to remember and type passwords whenever they sign-in again.

It allows users to save their credentials for an app in their google account so that they can sign-in the next time without entering anything. You can store credentials of a federated login like Google or Facebook, or a normal email login.

There are several ways you can use Smart Lock based on your use case.

You can auto sign-in user if the app has only one user account.

user if the app has only one user account. If it has multiple accounts, show a dialog to choose from the list of accounts and auto sign-in the user.

from the list of and auto sign-in the user. Populate the credential details in the sign-in fields automatically so that the user has to only click the sign-in button.

How does it work?

Smart Lock on Android uses Credentials API to save and request user credentials for an app. When a new user signs-up into the app, she will be requested to save the credentials using Smart Lock to her Google account. If she saves, then whenever she signs into the app again or does so from another device containing that google account, then her credentials for the app can be retrieved using the Credentials API.

Smart Lock supports most of the sign-in methods such as email, Google, Facebook, Twitter, Microsoft, Yahoo, LinkedIn and PayPal.

How to integrate?

You may require an Android device with Google Play Store and Google Play Services 9.8.0 or newer.

Next add the following dependency to your build.gradle file: compile 'com.google.android.gms:play-services-auth:10.2.4'

Credentials API

The CredentialsApi interface provides methods to request and save credentials. It can be accessed via Auth.CredentialsApi.

The following methods are available via Auth.CredentialsApi:

save(GoogleApiClient client, Credential credential) — saves the credentials used to sign-in to the app.

— saves the credentials used to sign-in to the app. request(GoogleApiClient client, CredentialRequestrequest) — requests the credentials saved for the app. If multiple accounts are saved, then a dialog is shown with a list of accounts to select from.

— requests the credentials saved for the app. If multiple accounts are saved, then a dialog is shown with a list of accounts to select from. getHintPickerIntent(GoogleApiClient client, HintRequest request) — provides an intent to show a list of accounts to choose from, which upon selecting, you can prefill the details in your sign-up/sign-in fields to speed up the onboarding experience.

— provides an intent to show a list of accounts to choose from, which upon selecting, you can prefill the details in your sign-up/sign-in fields to speed up the onboarding experience. disableAutoSignIn(GoogleApiClient client) — disables auto sign-in to the app on current device. This can be used when the user has signed out of the app to prevent SmartLock from auto sign-in.

— disables auto sign-in to the app on current device. This can be used when the user has signed out of the app to prevent SmartLock from auto sign-in. delete(GoogleApiClient client, Credential credential) — use this method to delete a credential when it is no longer valid to be used to sign-in into your app.

Possible use cases:

Whenever a user signs-up into the app, use the save method to save the credentials.

When the user signs out of the app, use the disableAutoSignIn method disable her from automatically signing into the app on that device.

When the user signs in again, use the request method to request the saved credentials and sign in the user automatically or prefill the sign-in fields.

If there is an option in the app to delete an account, then use delete method to permanently erase the saved credentials.

Let’s look at some code

Consider an app that has a SignUp page for new user and a SignIn page for existing users.

The source code for this sample can be found here.