Android 앱 내 디지털 사용자 인증 정보 확인은 사용자의 신원 (예: 정부 발급 신분증), 사용자에 관한 속성 (예: 운전면허증, 학위, 연령 또는 주소와 같은 속성) 또는 사용자 인증 정보를 발급하고 확인하여 항목의 진위를 확인해야 하는 기타 시나리오를 인증하고 승인하는 데 사용할 수 있습니다.
디지털 인증서는 디지털 지갑에서 사용자의 확인 가능한 디지털 인증서에 액세스하는 방법을 지정하는 공개 W3C 표준으로, W3C 인증 관리 API를 사용하여 웹 사용 사례에 구현됩니다. Android에서는 Credential Manager의 DigitalCredential API가 디지털 사용자 인증 정보를 확인하는 데 사용됩니다.
구현
Android 프로젝트에서 디지털 사용자 인증 정보를 확인하려면 다음 단계를 따르세요.
앱의 빌드 스크립트에 종속 항목을 추가하고 CredentialManager 클래스를 초기화합니다.
디지털 사용자 인증 정보 요청을 구성하고 이를 사용하여 DigitalCredentialOption를 초기화한 후 GetCredentialRequest를 빌드합니다.
생성된 요청으로 getCredential 흐름을 실행하여 성공적인 GetCredentialResponse을 수신하거나 발생할 수 있는 예외를 처리합니다.
검색에 성공하면 응답을 검증합니다.
디지털 사용자 인증 정보 요청을 구성하고 이를 사용하여 DigitalCredentialOption를 초기화합니다.
// The request in the JSON format to conform with// the JSON-ified Credential Manager - Verifier API request definition.valrequestJson=generateRequestFromServer()valdigitalCredentialOption=GetDigitalCredentialOption(requestJson=requestJson)// Use the option from the previous step to build the `GetCredentialRequest`.valgetCredRequest=GetCredentialRequest(listOf(digitalCredentialOption))
다음은 OpenId4Vp 요청의 예입니다. 전체 참조는 이 웹사이트에서 확인할 수 있습니다.
생성된 요청으로 getCredential 흐름을 시작합니다. 요청이 성공하면 GetCredentialResponse이, 실패하면 GetCredentialException이 반환됩니다.
getCredential 흐름은 Android 시스템 대화상자를 트리거하여 사용자에게 사용 가능한 사용자 인증 정보 옵션을 표시하고 선택사항을 수집합니다. 그런 다음 선택한 사용자 인증 정보 옵션이 포함된 지갑 앱에 동의를 수집하고 디지털 사용자 인증 정보 응답을 생성하는 데 필요한 작업을 실행하는 UI가 표시됩니다.
coroutineScope.launch{try{valresult=credentialManager.getCredential(context=activityContext,request=getCredRequest)verifyResult(result)}catch(e:GetCredentialException){handleFailure(e)}}// Handle the successfully returned credential.funverifyResult(result:GetCredentialResponse){valcredential=result.credentialwhen(credential){isDigitalCredential->{valresponseJson=credential.credentialJsonvalidateResponseOnServer(responseJson)}else->{// Catch any unrecognized credential type here.Log.e(TAG,"Unexpected type of credential ${credential.type}")}}}// Handle failure.funhandleFailure(e:GetCredentialException){when(e){isGetCredentialCancellationException->{// The user intentionally canceled the operation and chose not// to share the credential.}isGetCredentialInterruptedException->{// Retry-able error. Consider retrying the call.}isNoCredentialException->{// No credential was available.}isCreateCredentialUnknownException->{// An unknown, usually unexpected, error has occurred. Check the// message error for any additional debugging information.}isCreateCredentialCustomException->{// You have encountered a custom error thrown by the wallet.// If you made the API call with a request object that's a// subclass of CreateCustomCredentialRequest using a 3rd-party SDK,// then you should check for any custom exception type constants// within that SDK to match with e.type. Otherwise, drop or log the// exception.}else->Log.w(TAG,"Unexpected exception type ${e::class.java}")}}
이 페이지에 나와 있는 콘텐츠와 코드 샘플에는 콘텐츠 라이선스에서 설명하는 라이선스가 적용됩니다. 자바 및 OpenJDK는 Oracle 및 Oracle 계열사의 상표 또는 등록 상표입니다.
최종 업데이트: 2025-07-27(UTC)
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["필요한 정보가 없음","missingTheInformationINeed","thumb-down"],["너무 복잡함/단계 수가 너무 많음","tooComplicatedTooManySteps","thumb-down"],["오래됨","outOfDate","thumb-down"],["번역 문제","translationIssue","thumb-down"],["샘플/코드 문제","samplesCodeIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-07-27(UTC)"],[],[],null,["# Credential Manager - Verifier API\n\nDigital credential verification within Android apps can be used to authenticate\nand authorize a user's identity (such as a government ID), properties about that\nuser (such as a driver's license, academic degree, or attributes such as age or\naddress), or other scenarios where a credential needs to be issued and verified\nto assert the authenticity of an entity.\n\nDigital Credentials is a public W3C standard that specifies how to access a\nuser's verifiable digital credentials from a digital wallet, and is implemented\nfor web use cases with the [W3C Credential Management API](https://www.w3.org/TR/credential-management-1/). On\nAndroid, Credential Manager's [`DigitalCredential`](/reference/kotlin/androidx/credentials/DigitalCredential) API is used for\nverifying digital credentials.\n| **Note:** The Credential Manager - Verifier API is a public alpha release. Alpha releases are functionally stable, but may not be feature complete and reserve the right to make breaking changes to them as the API evolves.\n\n### Implementation\n\nTo verify digital credentials in your Android project, do the following:\n\n1. Add dependencies to your app's build script and initialize a `CredentialManager` class.\n2. Construct a digital credential request and use it to initialize a `DigitalCredentialOption`, followed by building the `GetCredentialRequest`.\n3. Launch the `getCredential` flow with the constructed request to receive a successful `GetCredentialResponse` or handle any exceptions that may occur. Upon successful retrieval, validate the response.\n\n#### Add dependencies and initialize\n\nAdd the following dependencies to your Gradle build script: \n\n dependencies {\n implementation(\"androidx.credentials:credentials:\")\n implementation(\"androidx.credentials:credentials-play-services-auth:\")\n }\n\nNext, Initialize an instance of the `CredentialManager` class. \n\n val credentialManager = CredentialManager.create(context)\n\n#### Construct a digital credential request\n\nConstruct a digital credential request and use it to initialize a\n`DigitalCredentialOption`. \n\n // The request in the JSON format to conform with\n // the JSON-ified Credential Manager - Verifier API request definition.\n val requestJson = generateRequestFromServer()\n val digitalCredentialOption =\n GetDigitalCredentialOption(requestJson = requestJson)\n\n // Use the option from the previous step to build the `GetCredentialRequest`.\n val getCredRequest = GetCredentialRequest(\n listOf(digitalCredentialOption)\n )\n\nHere is an example of an OpenId4Vp request. A full reference can be found at\nthis [website](https://openid.net/specs/openid-4-verifiable-presentations-1_0.html). \n\n {\n \"digital\": {\n \"requests\": [\n {\n \"protocol\": \"openid4vp-v1-unsigned\",\n \"data\": {\n \"response_type\": \"vp_token\",\n \"response_mode\": \"dc_api\",\n \"nonce\": \"OD8eP8BYfr0zyhgq4QCVEGN3m7C1Ht_No9H5fG5KJFk\",\n \"dcql_query\": {\n \"credentials\": [\n {\n \"id\": \"cred1\",\n \"format\": \"mso_mdoc\",\n \"meta\": {\n \"doctype_value\": \"org.iso.18013.5.1.mDL\"\n },\n \"claims\": [\n {\n \"path\": [\n \"org.iso.18013.5.1\",\n \"family_name\"\n ]\n },\n {\n \"path\": [\n \"org.iso.18013.5.1\",\n \"given_name\"\n ]\n },\n {\n \"path\": [\n \"org.iso.18013.5.1\",\n \"age_over_21\"\n ]\n }\n ]\n }\n ]\n }\n }\n }\n ]\n }\n }\n\n#### Get the credential\n\nLaunch the `getCredential` flow with the constructed request. You will receive\neither a successful `GetCredentialResponse`, or a `GetCredentialException` if\nthe request fails.\n\nThe `getCredential` flow triggers Android system dialogs to present the user's\navailable credential options and collect their selection. Next, the wallet app\nthat contains the chosen credential option will display UIs to collect consent\nand perform actions needed to generate a digital credential response. \n\n coroutineScope.launch {\n try {\n val result = credentialManager.getCredential(\n context = activityContext,\n request = getCredRequest\n )\n verifyResult(result)\n } catch (e : GetCredentialException) {\n handleFailure(e)\n }\n }\n\n // Handle the successfully returned credential.\n fun verifyResult(result: GetCredentialResponse) {\n val credential = result.credential\n when (credential) {\n is DigitalCredential -\u003e {\n val responseJson = credential.credentialJson\n validateResponseOnServer(responseJson)\n }\n else -\u003e {\n // Catch any unrecognized credential type here.\n Log.e(TAG, \"Unexpected type of credential ${credential.type}\")\n }\n }\n }\n\n // Handle failure.\n fun handleFailure(e: GetCredentialException) {\n when (e) {\n is GetCredentialCancellationException -\u003e {\n // The user intentionally canceled the operation and chose not\n // to share the credential.\n }\n is GetCredentialInterruptedException -\u003e {\n // Retry-able error. Consider retrying the call.\n }\n is NoCredentialException -\u003e {\n // No credential was available.\n }\n is CreateCredentialUnknownException -\u003e {\n // An unknown, usually unexpected, error has occurred. Check the\n // message error for any additional debugging information.\n }\n is CreateCredentialCustomException -\u003e {\n // You have encountered a custom error thrown by the wallet.\n // If you made the API call with a request object that's a\n // subclass of CreateCustomCredentialRequest using a 3rd-party SDK,\n // then you should check for any custom exception type constants\n // within that SDK to match with e.type. Otherwise, drop or log the\n // exception.\n }\n else -\u003e Log.w(TAG, \"Unexpected exception type ${e::class.java}\")\n }\n }"]]
