You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You'll need to perform a type check and cast to the appropriate interface when you get your `PublicClientApplication` object. The following code checks for multiple account mode or single account mode, and casts the application object appropriately:
64
+
You'll need to do a type check and cast to the appropriate interface when you get your `PublicClientApplication` object. The following code checks for multiple account mode or single account mode, and casts the application object appropriately:
65
65
66
66
```java
67
67
privateIPublicClientApplication mApplication;
@@ -88,15 +88,15 @@ The following differences apply depending on whether your app is running on a sh
88
88
89
89
## Why you may want to only support single-account mode
90
90
91
-
If you are writing an app that will only be used for firstline workers using a shared device, we recommend that you write your application to only support single-account mode. This includes most applications that are task focused such as medical records apps, invoice apps, and most line-of-business apps. Only supporting single-account mode simplifies development because you won't need to implement the additional features that are part of multiple-account apps.
91
+
If you're writing an app that will only be used for firstline workers using a shared device, we recommend that you write your application to only support single-account mode. This includes most applications that are task focused such as medical records apps, invoice apps, and most line-of-business apps. Only supporting single-account mode simplifies development because you won't need to implement the additional features that are part of multiple-account apps.
92
92
93
93
## What happens when the device mode changes
94
94
95
95
If your application is running in multiple-account mode, and an administrator puts the device in shared device mode, all of the accounts on the device are cleared from the application and the application transitions to single-account mode.
96
96
97
97
## Shared device sign-out and the overall app lifecycle
98
98
99
-
When a user signs out, you will need to take action to protect the privacy and data of the user. For example, if you're building a medical records app you'll want to make sure that when the user signs out previously displayed patient records are cleared. Your application must be prepared for this and check every time it enters the foreground.
99
+
When a user signs out, you'll need to take action to protect the privacy and data of the user. For example, if you're building a medical records app you'll want to make sure that when the user signs out previously displayed patient records are cleared. Your application must be prepared for this and check every time it enters the foreground.
100
100
101
101
When your app uses MSAL to sign out the user in an app running on device that is in shared mode, the signed-in account and cached tokens are removed from both the app and the device.
102
102
@@ -106,4 +106,4 @@ The following diagram shows the overall app lifecycle and common events that may
106
106
107
107
## Next steps
108
108
109
-
See the [shared device sign-out sample](https://github.com/brandwe/GlobalSignoutSample) for example shared device mode app code that shows how to write a firstline worker app that runs on a shared mode Android device.
109
+
See the [shared device sign-out sample](https://github.com/brandwe/GlobalSignoutSample) for shared device mode app example code that shows how to write a firstline worker app that runs on a shared mode Android device.
Copy file name to clipboardExpand all lines: articles/active-directory/develop/tutorial-v2-shared-device-mode.md
+11-11Lines changed: 11 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,11 +31,11 @@ This guide provides developer guidance to implement shared-device mode in an And
31
31
32
32
### Download the sample
33
33
34
-
Clone the [sample application](https://github.com/Azure-Samples/ms-identity-android-java/) from Github. The sample has the capability to work in [single or multi account mode](https://docs.microsoft.com/azure/active-directory/develop/single-multi-account).
34
+
Clone the [sample application](https://github.com/Azure-Samples/ms-identity-android-java/) from GitHub. The sample has the capability to work in [single or multi account mode](https://docs.microsoft.com/azure/active-directory/develop/single-multi-account).
35
35
36
36
### Add the MSAL SDK to your local Maven repository
37
37
38
-
If you are not using the sample app, add the MSAL library as a dependency in your build.gradle file, like so:
38
+
If you're not using the sample app, add the MSAL library as a dependency in your build.gradle file, like so:
39
39
40
40
```gradle
41
41
dependencies{
@@ -49,7 +49,7 @@ Refer to the [configuration documentation](https://docs.microsoft.com/azure/acti
49
49
50
50
Set `"shared_device_mode_supported"` to `true` in your MSAL configuration file.
51
51
52
-
You may not be planning to support multiple-account mode. That could be if you are not using a shared device, and the user can sign into the app with more than one account at the same time. If so, set `"account_mode"` to `"SINGLE"`. This guarantees that your app will always get `ISingleAccountPublicClientApplication`, and significantly simplifies your MSAL integration. The default value of `"account_mode"` is `"MULTIPLE"`, so it is important to change this value in the config file if you are using `"single account"` mode.
52
+
You may not be planning to support multiple-account mode. That could be if you're not using a shared device, and the user can sign into the app with more than one account at the same time. If so, set `"account_mode"` to `"SINGLE"`. This guarantees that your app will always get `ISingleAccountPublicClientApplication`, and significantly simplifies your MSAL integration. The default value of `"account_mode"` is `"MULTIPLE"`, so it is important to change this value in the config file if you're using `"single account"` mode.
53
53
54
54
Here's an example of the auth_config.json file included in the **app**>**main**>**res**>**raw** directory of the sample app:
55
55
@@ -75,7 +75,7 @@ Here's an example of the auth_config.json file included in the **app**>**main**>
75
75
76
76
### Detect shared-device mode
77
77
78
-
Shared-device mode allows you to configure Android devices to be shared by multiple employees, while providing Microsoft Identity backed management of the device. Employees can sign-in to their devices and access customer information quickly. When they are finished with their shift or task, they will be able to sign-out of all apps on the shared device with a single click and the device will be immediately ready for the next employee to use.
78
+
Shared-device mode allows you to configure Android devices to be shared by multiple employees, while providing Microsoft Identity backed management of the device. Employees can signin to their devices and access customer information quickly. When they are finished with their shift or task, they will be able to sign-out of all apps on the shared device with a single click and the device will be immediately ready for the next employee to use.
79
79
80
80
Use `isSharedDevice()` to determine if an app is running on a device that is in shared-device mode. Your app could use this flag to determine if it should modify UX accordingly.
If you are writing an app that will only be used for firstline workers on a shared device, we recommend you write your app to only support single-account mode. This includes most applications that are task focused such as medical records apps, invoice apps, and most line of business apps. This will simplify your development as many features of the SDK won’t need to be accommodated.
113
+
If you're writing an app that will only be used for firstline workers on a shared device, we recommend you write your app to only support single-account mode. This includes most applications that are task focused such as medical records apps, invoice apps, and most line-of-business apps. This will simplify your development as many features of the SDK won’t need to be accommodated.
114
114
115
115
If your app supports multiple accounts as well as shared device mode, you must perform a type check and cast to the appropriate interface as shown below.
116
116
@@ -206,18 +206,18 @@ First, register your application within your organizational tenant. Then provide
206
206
For information on how to do this, refer to [Register your application](https://docs.microsoft.com/azure/active-directory/develop/tutorial-v2-android#register-your-application).
207
207
208
208
> [!NOTE]
209
-
>When you register your app, please use the QuickStart guide on the left-hand side and then select **Android**.This will lead you to a page where you will be asked to provide the **PackageName** and **SignatureHash**for your app. These are very important to ensure your app configuration will work. You will then receive a configuration object that you can use for your app that you will cut and paste into your auth_config.json file.
209
+
> When you register your app, please use the quickstart guide on the left-hand side and then select **Android**. This will lead you to a page where you'll be asked to provide the **PackageName** and **SignatureHash**for your app. These are very important to ensure your app configuration will work. You'll then receive a configuration object that you can use for your app that you'll cut and paste into your auth_config.json file.
You should select **Make this change for me** and then provide the values the QuickStart asks for in the Azure portal. When that's done, we will generate all the configuration files you need.
213
213
214
214
215
215
216
-
## Setup a tenant
216
+
## Set up a tenant
217
217
218
218
For testing purposes, set up the following in your tenant: at least two employees, one Cloud Device Administrator, and one Global Administrator. In the Azure portal, set the Cloud Device Administrator by modifying Organizational Roles. In the Azure portal, access your Organizational Roles by selecting **Azure Active Directory** > **Roles and Administrators** > **Cloud Device Administrator**. Add the users that can put a device into shared mode.
219
219
220
-
## Setup an Android device in shared mode
220
+
## Set up an Android device in shared mode
221
221
222
222
### Download the Authenticator App
223
223
@@ -233,7 +233,7 @@ Launch the Authenticator App and navigate to main account page. Once you see the
When you click this button, you will be asked to authorize access to device contacts. This is due to Android’s account integration on the device. Choose **allow**.
236
+
When you click this button, you'll be asked to authorize access to device contacts. This is due to Android’s account integration on the device. Choose **allow**.
@@ -251,11 +251,11 @@ The device is now in shared mode.
251
251
252
252
## View the shared device in the Azure portal
253
253
254
-
Once you’ve put a device in shared-mode, it becomes known to your organization and is tracked in your organizational tenant. You can view your shared devices by looking at the **Join Type** in the Azure Active Directory blade of your Azure Portal.
254
+
Once you’ve put a device in shared-mode, it becomes known to your organization and is tracked in your organizational tenant. You can view your shared devices by looking at the **Join Type** in the Azure Active Directory blade of your Azure portal.
255
255
256
256
## Running the sample app
257
257
258
-
The Sample Application is a simple app that will call the Graph API of your organization. Note that on first run you’ll be prompted to consent as the application is new to your employee account.
258
+
The Sample Application is a simple app that will call the Graph API of your organization. n first run you’ll be prompted to consent as the application is new to your employee account.
259
259
260
260
0 commit comments