CredentialOption

public abstract class CredentialOption

Known direct subclasses
GetCustomCredentialOption

Allows extending custom versions of GetCredentialOptions for unique use cases.
GetPasswordOption

A request to retrieve the user's saved application password from their password provider.
GetPublicKeyCredentialOption

A request to get passkeys from the user's public key credential provider.

Base class for getting a specific type of credentials.

GetCredentialRequest will be composed of a list of CredentialOption subclasses to indicate the specific credential types and configurations that your app accepts.

The typePriorityHint value helps decide where the credential will be displayed on the selector. It is used with more importance than signals like 'last recently used' but with less importance than other signals, such as the ordering of displayed accounts. It is expected to be one of the defined PriorityHints constants. By default, GetCustomCredentialOption will have PRIORITY_DEFAULT, GetPasswordOption will have PRIORITY_PASSWORD_OR_SIMILAR and GetPublicKeyCredentialOption will have PRIORITY_PASSKEY_OR_SIMILAR. It is expected that GetCustomCredentialOption types will remain unchanged unless strong reasons arise and cannot ever have PRIORITY_PASSKEY_OR_SIMILAR. Given passkeys prevent many security threats that other credentials do not, we enforce that nothing is shown higher than passkey types in order to provide end users with the safest credentials first. See the spec here for more information on passkeys.

Summary

Constants
static final int

Default value of display priority.
static final int

Value of display priority for OpenID credentials or those of similar security level.
static final int

Value of display priority for passkeys or credentials of similar security level.
static final int

Value of display priority for passwords or credentials of similar security level.

Public methods
final @NonNull Set<@NonNull ComponentName>

a set of provider service ComponentName allowed to receive this option (Note: a SecurityException will be thrown if it is set as non-empty but your app does not have android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS; for API level < 34, this property will not take effect and you should control the allowed provider via library dependencies)
final @NonNull Bundle

the partial request data in the Bundle format that will be sent to the provider during the initial candidate query stage, which will not contain sensitive user information
final @NonNull Bundle

the request data in the Bundle format
final @NonNull String

the credential type determined by the credential-type-specific subclass (e.g. the type for GetPasswordOption is PasswordCredential.TYPE_PASSWORD_CREDENTIAL and for GetPublicKeyCredentialOption is PublicKeyCredential.TYPE_PUBLIC_KEY_CREDENTIAL)
final int

sets the priority of this entry, which defines how it appears in the credential selector, with less precedence than account ordering but more precedence than last used time; see PriorityHints for more information
final boolean

whether a credential entry will be automatically chosen if it is the only one available option
final boolean

true if must only be fulfilled by a system provider and false otherwise

Constants

PRIORITY_DEFAULT

public static final int PRIORITY_DEFAULT = 2000

Default value of display priority.

PRIORITY_OIDC_OR_SIMILAR

public static final int PRIORITY_OIDC_OR_SIMILAR = 500

Value of display priority for OpenID credentials or those of similar security level.

PRIORITY_PASSKEY_OR_SIMILAR

public static final int PRIORITY_PASSKEY_OR_SIMILAR = 100

Value of display priority for passkeys or credentials of similar security level.

PRIORITY_PASSWORD_OR_SIMILAR

public static final int PRIORITY_PASSWORD_OR_SIMILAR = 1000

Value of display priority for passwords or credentials of similar security level.

Public methods

getAllowedProviders

Added in 1.2.0
public final @NonNull Set<@NonNull ComponentNamegetAllowedProviders()

a set of provider service ComponentName allowed to receive this option (Note: a SecurityException will be thrown if it is set as non-empty but your app does not have android.permission.CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS; for API level < 34, this property will not take effect and you should control the allowed provider via library dependencies)

getCandidateQueryData

Added in 1.2.0
public final @NonNull Bundle getCandidateQueryData()

the partial request data in the Bundle format that will be sent to the provider during the initial candidate query stage, which will not contain sensitive user information

getRequestData

Added in 1.2.0
public final @NonNull Bundle getRequestData()

the request data in the Bundle format

getType

Added in 1.2.0
public final @NonNull String getType()

the credential type determined by the credential-type-specific subclass (e.g. the type for GetPasswordOption is PasswordCredential.TYPE_PASSWORD_CREDENTIAL and for GetPublicKeyCredentialOption is PublicKeyCredential.TYPE_PUBLIC_KEY_CREDENTIAL)

getTypePriorityHint

Added in 1.5.0-alpha01
public final int getTypePriorityHint()

sets the priority of this entry, which defines how it appears in the credential selector, with less precedence than account ordering but more precedence than last used time; see PriorityHints for more information

isAutoSelectAllowed

Added in 1.2.0
public final boolean isAutoSelectAllowed()

whether a credential entry will be automatically chosen if it is the only one available option

isSystemProviderRequired

Added in 1.2.0
public final boolean isSystemProviderRequired()

true if must only be fulfilled by a system provider and false otherwise