Play Integrity API

Native Play Integrity API.

Summary

Enumerations
`IntegrityDialogResponseCode`	enum Status returned when showing the integrity dialog.
IntegrityErrorCode{ INTEGRITY_NO_ERROR = 0, INTEGRITY_API_NOT_AVAILABLE = -1, INTEGRITY_PLAY_STORE_NOT_FOUND = -2, INTEGRITY_NETWORK_ERROR = -3, INTEGRITY_PLAY_STORE_ACCOUNT_NOT_FOUND = -4, INTEGRITY_APP_NOT_INSTALLED = -5, INTEGRITY_PLAY_SERVICES_NOT_FOUND = -6, INTEGRITY_APP_UID_MISMATCH = -7, INTEGRITY_TOO_MANY_REQUESTS = -8, INTEGRITY_CANNOT_BIND_TO_SERVICE = -9, INTEGRITY_NONCE_TOO_SHORT = -10, INTEGRITY_NONCE_TOO_LONG = -11, INTEGRITY_GOOGLE_SERVER_UNAVAILABLE = -12, INTEGRITY_NONCE_IS_NOT_BASE64 = -13, INTEGRITY_PLAY_STORE_VERSION_OUTDATED = -14, INTEGRITY_PLAY_SERVICES_VERSION_OUTDATED = -15, INTEGRITY_CLOUD_PROJECT_NUMBER_IS_INVALID = -16, INTEGRITY_CLIENT_TRANSIENT_ERROR = -17, INTEGRITY_INTERNAL_ERROR = -100, INTEGRITY_INITIALIZATION_NEEDED = -101, INTEGRITY_INITIALIZATION_FAILED = -102, INTEGRITY_INVALID_ARGUMENT = -103 }	enum Errors that can be encountered while using the integrity API.
`IntegrityResponseStatus{ INTEGRITY_RESPONSE_UNKNOWN = 0, INTEGRITY_RESPONSE_PENDING = 1, INTEGRITY_RESPONSE_COMPLETED = 2 }`	enum Status returned when requesting integrity tokens/providers.
StandardIntegrityErrorCode{ STANDARD_INTEGRITY_API_NOT_AVAILABLE = -1, STANDARD_INTEGRITY_PLAY_STORE_NOT_FOUND = -2, STANDARD_INTEGRITY_NETWORK_ERROR = -3, STANDARD_INTEGRITY_APP_NOT_INSTALLED = -5, STANDARD_INTEGRITY_PLAY_SERVICES_NOT_FOUND = -6, STANDARD_INTEGRITY_APP_UID_MISMATCH = -7, STANDARD_INTEGRITY_TOO_MANY_REQUESTS = -8, STANDARD_INTEGRITY_CANNOT_BIND_TO_SERVICE = -9, STANDARD_INTEGRITY_GOOGLE_SERVER_UNAVAILABLE = -12, STANDARD_INTEGRITY_PLAY_STORE_VERSION_OUTDATED = -14, STANDARD_INTEGRITY_PLAY_SERVICES_VERSION_OUTDATED = -15, CLOUD_PROJECT_NUMBER_IS_INVALID = -16, STANDARD_REQUEST_HASH_TOO_LONG = -17, STANDARD_CLIENT_TRANSIENT_ERROR = -18, STANDARD_INTEGRITY_TOKEN_PROVIDER_INVALID = -19, STANDARD_INTEGRITY_INTERNAL_ERROR = -100, STANDARD_INTEGRITY_INITIALIZATION_NEEDED = -101, STANDARD_INTEGRITY_INITIALIZATION_FAILED = -102, STANDARD_INTEGRITY_INVALID_ARGUMENT = -103 }	enum Errors that can be encountered while using the standard integrity API.

Typedefs
`IntegrityTokenRequest`	typedef `struct IntegrityTokenRequest_` An opaque struct used to provide information about an integrity token request.
`IntegrityTokenResponse`	typedef `struct IntegrityTokenResponse_` An opaque struct used to access information about an integrity token response.
`PrepareIntegrityTokenRequest`	typedef `struct PrepareIntegrityTokenRequest_` An opaque struct used to represent a prepare integrity token request.
`StandardIntegrityToken`	typedef `struct StandardIntegrityToken_` An opaque struct used to represent a standard integrity token response.
`StandardIntegrityTokenProvider`	typedef `struct StandardIntegrityTokenProvider_` An opaque struct used to represent a standard integrity token provider.
`StandardIntegrityTokenRequest`	typedef `struct StandardIntegrityTokenRequest_` An opaque struct used to represent a standard integrity token request.

Functions
`IntegrityManager_destroy()`	`void` Frees up memory allocated for the Integrity API.
`IntegrityManager_init(JavaVM *jvm, jobject android_context)`	`IntegrityErrorCode` Initialize the Play Integrity API, making the other functions available to call.
`IntegrityManager_requestIntegrityToken(IntegrityTokenRequest request, IntegrityTokenResponse *out_response)`	`IntegrityErrorCode` Starts an asynchronous operation to obtain a Play Integrity API token.
`IntegrityTokenRequest_create(IntegrityTokenRequest **out_request)`	`IntegrityErrorCode` Creates a new IntegrityTokenRequest opaque struct.
`IntegrityTokenRequest_destroy(IntegrityTokenRequest *request)`	`void` Releases the specified IntegrityTokenRequest and any references it holds.
`IntegrityTokenRequest_setCloudProjectNumber(IntegrityTokenRequest *request, int64_t cloudProjectNumber)`	`IntegrityErrorCode` Sets the cloud project number to link to the integrity token.
`IntegrityTokenRequest_setNonce(IntegrityTokenRequest request, const char nonce)`	`IntegrityErrorCode` Sets the nonce in an IntegrityTokenRequest with a given string.
`IntegrityTokenResponse_destroy(IntegrityTokenResponse *response)`	`void` Releases the specified IntegrityTokenResponse and any references it holds.
`IntegrityTokenResponse_getDialogResponseCode(IntegrityTokenResponse token_response, IntegrityDialogResponseCode out_response_code)`	`IntegrityErrorCode` Gets the response code for the dialog shown by IntegrityTokenResponse_showDialog().
`IntegrityTokenResponse_getStatus(IntegrityTokenResponse response, IntegrityResponseStatus out_status)`	`IntegrityErrorCode` Gets the status of an ongoing IntegrityManager_requestIntegrityToken() asynchronous operation.
`IntegrityTokenResponse_getToken(IntegrityTokenResponse *response)`	`const char *` Gets the token retrieved by a successful IntegrityManager_requestIntegrityToken() asynchronous operation, returns null pointer otherwise.
`IntegrityTokenResponse_showDialog(IntegrityTokenResponse *token_response, jobject android_activity, int type_code)`	`IntegrityErrorCode` Displays a dialog to the user.
`PrepareIntegrityTokenRequest_create(PrepareIntegrityTokenRequest **out_request)`	`StandardIntegrityErrorCode` Creates a new PrepareIntegrityTokenRequest opaque struct.
`PrepareIntegrityTokenRequest_destroy(PrepareIntegrityTokenRequest *request)`	`void` Releases the specified PrepareIntegrityTokenRequest and any references it holds.
`PrepareIntegrityTokenRequest_setCloudProjectNumber(PrepareIntegrityTokenRequest *request, int64_t cloud_project_number)`	`StandardIntegrityErrorCode` Sets the given cloud project number in PrepareIntegrityTokenRequest.
`StandardIntegrityManager_destroy()`	`void` Frees up memory allocated for the Standard Integrity Manager.
`StandardIntegrityManager_init(JavaVM *jvm, jobject android_context)`	`StandardIntegrityErrorCode` Initialize the Standard Integrity Manager, making the other methods available to call.
`StandardIntegrityManager_prepareIntegrityToken(PrepareIntegrityTokenRequest request, StandardIntegrityTokenProvider *out_provider)`	`StandardIntegrityErrorCode` Asynchronously prepares the integrity token and makes it available for requesting via StandardIntegrityTokenProvider.
`StandardIntegrityTokenProvider_destroy(StandardIntegrityTokenProvider *provider)`	`void` Releases the specified StandardIntegrityTokenProvider and any references it holds.
`StandardIntegrityTokenProvider_getStatus(StandardIntegrityTokenProvider provider, IntegrityResponseStatus out_status)`	`StandardIntegrityErrorCode` Gets the status of an ongoing StandardIntegrityManager_prepareIntegrityToken() asynchronous operation.
`StandardIntegrityTokenProvider_request(StandardIntegrityTokenProvider provider, StandardIntegrityTokenRequest request, StandardIntegrityToken **out_token)`	`StandardIntegrityErrorCode` Asynchronously generates and returns a token for integrity-related enquiries.
`StandardIntegrityTokenRequest_create(StandardIntegrityTokenRequest **out_request)`	`StandardIntegrityErrorCode` Creates a new StandardIntegrityTokenRequest opaque struct.
`StandardIntegrityTokenRequest_destroy(StandardIntegrityTokenRequest *request)`	`void` Releases the specified StandardIntegrityTokenRequest and any references it holds.
`StandardIntegrityTokenRequest_setRequestHash(StandardIntegrityTokenRequest request, const char request_hash)`	`StandardIntegrityErrorCode` Sets a request hash in a StandardIntegrityTokenRequest; the integrity token will be bound to this request hash.
`StandardIntegrityTokenRequest_setVerdictOptOut(StandardIntegrityTokenRequest *request, std::set< int > verdict_opt_out)`	`StandardIntegrityErrorCode` Sets a set of verdicts that should be opted out when requesting the token.
`StandardIntegrityToken_destroy(StandardIntegrityToken *token)`	`void` Releases the specified StandardIntegrityToken and any references it holds.
`StandardIntegrityToken_getDialogResponseCode(StandardIntegrityToken token, IntegrityDialogResponseCode out_response_code)`	`StandardIntegrityErrorCode` Gets the response code for the dialog shown by StandardIntegrityToken_showDialog().
`StandardIntegrityToken_getStatus(StandardIntegrityToken token, IntegrityResponseStatus out_status)`	`StandardIntegrityErrorCode` Gets the status of an ongoing StandardIntegrityTokenProvider_request asynchronous operation.
`StandardIntegrityToken_getToken(StandardIntegrityToken *token)`	`const char *` Gets the token retrieved by a completed StandardIntegrityTokenProvider_request asynchronous operation, returns null pointer otherwise.
`StandardIntegrityToken_showDialog(StandardIntegrityToken *token, jobject android_activity, int typeCode)`	`StandardIntegrityErrorCode` Displays a dialog to the user.

Enumerations

IntegrityDialogResponseCode

 IntegrityDialogResponseCode

Status returned when showing the integrity dialog.

IntegrityErrorCode

 IntegrityErrorCode

Errors that can be encountered while using the integrity API.

Properties
`INTEGRITY_API_NOT_AVAILABLE`	Integrity API is not available. Integrity API is not enabled, or the Play Store version might be old. Recommended actions: Make sure that Integrity API is enabled in Google Play Console. Ask the user to update Play Store.
`INTEGRITY_APP_NOT_INSTALLED`	The calling app is not installed. Something is wrong (possibly an attack). Non-actionable.
`INTEGRITY_APP_UID_MISMATCH`	The calling app UID (user id) does not match the one from Package Manager. Something is wrong (possibly an attack). Non-actionable.
`INTEGRITY_CANNOT_BIND_TO_SERVICE`	Binding to the service in the Play Store has failed. This can be due to having an old Play Store version installed on the device. Ask the user to update Play Store.
`INTEGRITY_CLIENT_TRANSIENT_ERROR`	There was a transient error in the client device. Introduced in Play Core Java library version 1.1.0 (prior versions returned a token with empty Device Integrity Verdict). If the error persists after a few retries, you should assume that the device has failed integrity checks and act accordingly.
`INTEGRITY_CLOUD_PROJECT_NUMBER_IS_INVALID`	The provided cloud project number is invalid. Use the cloud project number which can be found in Project info in your Google Cloud Console for the cloud project where Play Integrity API is enabled.
`INTEGRITY_GOOGLE_SERVER_UNAVAILABLE`	Unknown internal Google server error. Retry with an exponential backoff. Consider filing a bug if fails consistently.
`INTEGRITY_INITIALIZATION_FAILED`	There was an error initializing the Integrity API. Retry with an exponential backoff. Consider filing a bug if fails consistently.
`INTEGRITY_INITIALIZATION_NEEDED`	IntegrityManager is not initialized. Call IntegrityManager_init() first.
`INTEGRITY_INTERNAL_ERROR`	Unknown internal error. Retry with an exponential backoff. Consider filing a bug if fails consistently.
`INTEGRITY_INVALID_ARGUMENT`	Invalid argument passed to the Integrity API. Retry with correct argument.
`INTEGRITY_NETWORK_ERROR`	No available network is found. Ask the user to check for a connection.
`INTEGRITY_NONCE_IS_NOT_BASE64`	Nonce is not encoded as a Base64 web-safe no-wrap string. Retry with correct nonce format.
`INTEGRITY_NONCE_TOO_LONG`	Nonce length is too long. The nonce must be less than 500 bytes before Base64 encoding. Retry with a shorter nonce.
`INTEGRITY_NONCE_TOO_SHORT`	Nonce length is too short. The nonce must be a minimum of 16 bytes (before Base64 encoding) to allow for a better security. Retry with a longer nonce.
`INTEGRITY_NO_ERROR`	No error has occurred.
`INTEGRITY_PLAY_SERVICES_NOT_FOUND`	Play Services is not available or version is too old. Ask the user to Install or Update Play Services.
`INTEGRITY_PLAY_SERVICES_VERSION_OUTDATED`	Play Services needs to be updated. Ask the user to update Google Play Services.
`INTEGRITY_PLAY_STORE_ACCOUNT_NOT_FOUND`	No Play Store account is found on device. Note that the Play Integrity API now supports unauthenticated requests. This error code is used only for older Play Store versions that lack support. Ask the user to authenticate in Play Store.
`INTEGRITY_PLAY_STORE_NOT_FOUND`	No Play Store app is found on device or not official version is installed. Ask the user to install an official and recent version of Play Store.
`INTEGRITY_PLAY_STORE_VERSION_OUTDATED`	The Play Store needs to be updated. Ask the user to update the Google Play Store.
`INTEGRITY_TOO_MANY_REQUESTS`	The calling app is making too many requests to the API and hence is throttled. Retry with an exponential backoff.

IntegrityResponseStatus

 IntegrityResponseStatus

Status returned when requesting integrity tokens/providers.

Properties
`INTEGRITY_RESPONSE_COMPLETED`	The asynchronous operation has finished.
`INTEGRITY_RESPONSE_PENDING`	Waiting for asynchronous operation to finish.
`INTEGRITY_RESPONSE_UNKNOWN`	The response status is unknown.

StandardIntegrityErrorCode

 StandardIntegrityErrorCode

Errors that can be encountered while using the standard integrity API.

Properties
`CLOUD_PROJECT_NUMBER_IS_INVALID`	The provided cloud project number is invalid. Use the cloud project number which can be found in Project info in your Google Cloud Console for the cloud project where Play Integrity API is enabled.
`STANDARD_CLIENT_TRANSIENT_ERROR`	There was a transient error in the client device. Retry with an exponential backoff. If the error persists after a few retries, you should assume that the device has failed integrity checks and act accordingly.
`STANDARD_INTEGRITY_API_NOT_AVAILABLE`	Standard Integrity API is not available. Standard Integrity API is not enabled, or the Play Store version might be old. Recommended actions: Make sure to be allowlisted to use Standard Integrity API. Make sure that Integrity API is enabled in Google Play Console. Ask the user to update Play Store.
`STANDARD_INTEGRITY_APP_NOT_INSTALLED`	The calling app is not installed. Something is wrong (possibly an attack). Non-actionable.
`STANDARD_INTEGRITY_APP_UID_MISMATCH`	The calling app UID (user id) does not match the one from Package Manager. Something is wrong (possibly an attack). Non-actionable.
`STANDARD_INTEGRITY_CANNOT_BIND_TO_SERVICE`	Binding to the service in the Play Store has failed. This can be due to having an old Play Store version installed on the device or device memory is overloaded. Ask the user to update Play Store. Retry with an exponential backoff.
`STANDARD_INTEGRITY_GOOGLE_SERVER_UNAVAILABLE`	Unknown internal Google server error. Retry with an exponential backoff. Consider filing a bug if fails consistently.
`STANDARD_INTEGRITY_INITIALIZATION_FAILED`	There was an error initializing the Standard Integrity API. Retry with an exponential backoff. Consider filing a bug if fails consistently.
`STANDARD_INTEGRITY_INITIALIZATION_NEEDED`	StandardIntegrityManager is not initialized. Call StandardIntegrityManager_init() first.
`STANDARD_INTEGRITY_INTERNAL_ERROR`	Unknown internal error. Retry with an exponential backoff. Consider filing a bug if fails consistently.
`STANDARD_INTEGRITY_INVALID_ARGUMENT`	Invalid argument passed to the Standard Integrity API. Retry with correct argument.
`STANDARD_INTEGRITY_NETWORK_ERROR`	No available network is found. Ask the user to check for a connection.
`STANDARD_INTEGRITY_PLAY_SERVICES_NOT_FOUND`	Play Services is not available or version is too old. Ask the user to Install or Update Play Services.
`STANDARD_INTEGRITY_PLAY_SERVICES_VERSION_OUTDATED`	Play Services needs to be updated. Ask the user to update Google Play Services.
`STANDARD_INTEGRITY_PLAY_STORE_NOT_FOUND`	No Play Store app is found on device or not official version is installed. Ask the user to install an official and recent version of Play Store.
`STANDARD_INTEGRITY_PLAY_STORE_VERSION_OUTDATED`	The Play Store needs to be updated. Ask the user to update the Google Play Store.
`STANDARD_INTEGRITY_TOKEN_PROVIDER_INVALID`	The StandardIntegrityTokenProvider is invalid (e.g. it is outdated). This error can only be returned for StandardIntegrityTokenProvider_request(). Request a new integrity token provider by calling StandardIntegrityManager_prepareIntegrityToken().
`STANDARD_INTEGRITY_TOO_MANY_REQUESTS`	The calling app is making too many requests to the API and hence is throttled. Retry with an exponential backoff.
`STANDARD_REQUEST_HASH_TOO_LONG`	The provided request hash is too long. The request hash length must be less than 500 bytes. Retry with a shorter request hash.

Typedefs

IntegrityTokenRequest

struct IntegrityTokenRequest_ IntegrityTokenRequest

An opaque struct used to provide information about an integrity token request.

IntegrityTokenResponse

struct IntegrityTokenResponse_ IntegrityTokenResponse

An opaque struct used to access information about an integrity token response.

PrepareIntegrityTokenRequest

struct PrepareIntegrityTokenRequest_ PrepareIntegrityTokenRequest

An opaque struct used to represent a prepare integrity token request.

StandardIntegrityToken

struct StandardIntegrityToken_ StandardIntegrityToken

An opaque struct used to represent a standard integrity token response.

StandardIntegrityTokenProvider

struct StandardIntegrityTokenProvider_ StandardIntegrityTokenProvider

An opaque struct used to represent a standard integrity token provider.

StandardIntegrityTokenRequest

struct StandardIntegrityTokenRequest_ StandardIntegrityTokenRequest

An opaque struct used to represent a standard integrity token request.

Functions

IntegrityManager_destroy

void IntegrityManager_destroy()

Frees up memory allocated for the Integrity API.

Does nothing if IntegrityManager_init() hasn't been called.

IntegrityManager_init

IntegrityErrorCode IntegrityManager_init(
  JavaVM *jvm,
  jobject android_context
)

Initialize the Play Integrity API, making the other functions available to call.

In case of failure the Play Integrity API is unavailable, and there will be an error in logcat. The most common reason for failure is that the PlayCore AAR is missing or some of its classes/methods weren't retained by ProGuard. See also:IntegrityManager_destroy

Details

Parameters

`jvm`	The app's single JavaVM, for example from ANativeActivity's "vm" field.
`android_context`	An Android Context, for example from ANativeActivity's "clazz" field.

Returns

INTEGRITY_NO_ERROR if initialization succeeded, or an error if failed.

IntegrityManager_requestIntegrityToken

IntegrityErrorCode IntegrityManager_requestIntegrityToken(
  IntegrityTokenRequest *request,
  IntegrityTokenResponse **out_response
)

Starts an asynchronous operation to obtain a Play Integrity API token.

For an ongoing asynchronous operation, use IntegrityTokenResponse_getStatus() to poll for the status of the IntegrityTokenResponse. When the status reaches INTEGRITY_RESPONSE_COMPLETED with INTEGRITY_NO_ERROR, use IntegrityTokenResponse_getToken() to acquire the resulting token.

See also: IntegrityTokenResponse_destroy

Details

Parameters

`request`	The request containing the nonce.
`out_response`	An out parameter for receiving the result.

Returns

INTEGRITY_NO_ERROR if the request started successfully, corresponding error if failed.

IntegrityTokenRequest_create

IntegrityErrorCode IntegrityTokenRequest_create(
  IntegrityTokenRequest **out_request
)

Creates a new IntegrityTokenRequest opaque struct.

See also: IntegrityTokenRequest_destroy

Details

Parameters

out_request

An out parameter for receiving the result.

Returns

An IntegrityErrorCode, which if not INTEGRITY_NO_ERROR indicates that the out parameter shouldn't be used.

IntegrityTokenRequest_destroy

void IntegrityTokenRequest_destroy(
  IntegrityTokenRequest *request
)

Releases the specified IntegrityTokenRequest and any references it holds.

Details

Parameters

request

The request to free.

IntegrityTokenRequest_setCloudProjectNumber

IntegrityErrorCode IntegrityTokenRequest_setCloudProjectNumber(
  IntegrityTokenRequest *request,
  int64_t cloudProjectNumber
)

Sets the cloud project number to link to the integrity token.

This field is required for apps exclusively distributed outside of Google Play and SDKs. For apps distributed on Google Play, the cloud project number is configured in the Play Console and need not be set on the request.

Cloud project number can be found in Project info in your Google Cloud Console for the cloud project where Play Integrity API is enabled.

Calls to decrypt the token on Google's server must be authenticated using the cloud account that was linked to the token in this request.

Details

Parameters

`request`	The IntegrityTokenRequest to set cloudProjectNumber.
`cloudProjectNumber`	The cloudProjectNumber for the request.

Returns

An IntegrityErrorCode, which if not INTEGRITY_NO_ERROR indicates that this operation has failed.

IntegrityTokenRequest_setNonce

IntegrityErrorCode IntegrityTokenRequest_setNonce(
  IntegrityTokenRequest *request,
  const char *nonce
)

Sets the nonce in an IntegrityTokenRequest with a given string.

It must be base64 encoded in web-safe no-wrap form.

See https://developer.android.com/google/play/integrity/verdict#nonce for details about the nonce requirements and recommendations.

Details

Parameters

`request`	The IntegrityTokenRequest for which to set token.
`nonce`	The nonce for the request.

Returns

An IntegrityErrorCode, which if not INTEGRITY_NO_ERROR indicates that this operation has failed.

IntegrityTokenResponse_destroy

void IntegrityTokenResponse_destroy(
  IntegrityTokenResponse *response
)

Releases the specified IntegrityTokenResponse and any references it holds.

Details

Parameters

response

The response to free.

IntegrityTokenResponse_getDialogResponseCode

IntegrityErrorCode IntegrityTokenResponse_getDialogResponseCode(
  IntegrityTokenResponse *token_response,
  IntegrityDialogResponseCode *out_response_code
)

Gets the response code for the dialog shown by IntegrityTokenResponse_showDialog.

Details

Parameters

`token_response`	The IntegrityTokenResponse for which to get status.
`out_response_code`	An out parameter for receiving the IntegrityDialogResponseCode. This is set if the call to IntegrityTokenResponse_showDialog was successful.

Returns

INTEGRITY_NO_ERROR if IntegrityTokenResponse_showDialog was successful; any other value indicates an error that has occurred while requesting the dialog response code.

IntegrityTokenResponse_getStatus

IntegrityErrorCode IntegrityTokenResponse_getStatus(
  IntegrityTokenResponse *response,
  IntegrityResponseStatus *out_status
)

Gets the status of an ongoing IntegrityManager_requestIntegrityToken() asynchronous operation.

This function can be used to poll for the completion of a call to IntegrityManager_requestIntegrityToken(). This function does not make any JNI calls and can be called every frame.

Details

Parameters

`response`	The IntegrityTokenResponse for which to get status.
`out_status`	An out parameter for receiving the IntegrityResponseStatus.

Returns

An IntegrityErrorCode indicating the error associated with the given IntegrityTokenResponse.

IntegrityTokenResponse_getToken

const char * IntegrityTokenResponse_getToken(
  IntegrityTokenResponse *response
)

Gets the token retrieved by a successful IntegrityManager_requestIntegrityToken() asynchronous operation, returns null pointer otherwise.

The JSON payload is signed and encrypted as a nested JWT, that is JWE of JWS.

JWE uses A256KW as a key wrapping algorithm and A256GCM as a content encryption algorithm. JWS uses ES256 as a signing algorithm.

All decryption and verification should be done within a secure server environment. Do not decrypt or verify the received token from within the client app. In particular, never expose any decryption keys to the client app.

See https://developer.android.com/google/play/integrity/verdict#token-format.

The string returned here is owned by the API, and the pointer will be valid until the corresponding IntegrityTokenResponse is freed by calling IntegrityTokenResponse_destroy().

Details

Parameters

response

The IntegrityTokenResponse specifying the asynchronous operation.

Returns

A token which contains the response for the integrity related enquiries.

IntegrityTokenResponse_showDialog

IntegrityErrorCode IntegrityTokenResponse_showDialog(
  IntegrityTokenResponse *token_response,
  jobject android_activity,
  int type_code
)

Displays a dialog to the user.

This method can only be called once per Integrity API response. See also:IntegrityTokenResponse_getDialogResponseCode

Details

Parameters

`token_response`	The IntegrityTokenResponse for which to show the dialog.
`android_activity`	The Android Activity to show the dialog on.
`type_code`	determines which Integrity Dialog type should be shown. See https://developer.android.com/google/play/integrity/reference/com/google/android/play/core/integrity/model/IntegrityDialogTypeCode for the supported types.

Returns

A IntegrityErrorCode representing the result of the operation.

PrepareIntegrityTokenRequest_create

StandardIntegrityErrorCode PrepareIntegrityTokenRequest_create(
  PrepareIntegrityTokenRequest **out_request
)

Creates a new PrepareIntegrityTokenRequest opaque struct.

Details

Parameters

out_request

An out parameter for receiving the result.

Returns

STANDARD_INTEGRITY_NO_ERROR if initialized successfully; any other value indicates that an error has occurred and the out parameter shouldn't be used.

PrepareIntegrityTokenRequest_destroy

void PrepareIntegrityTokenRequest_destroy(
  PrepareIntegrityTokenRequest *request
)

Releases the specified PrepareIntegrityTokenRequest and any references it holds.

Details

Parameters

request

A PrepareIntegrityTokenRequest to free.

PrepareIntegrityTokenRequest_setCloudProjectNumber

StandardIntegrityErrorCode PrepareIntegrityTokenRequest_setCloudProjectNumber(
  PrepareIntegrityTokenRequest *request,
  int64_t cloud_project_number
)

Sets the given cloud project number in PrepareIntegrityTokenRequest.

This method should be called after initialising the request via PrepareIntegrityTokenRequest_create method.

Details

Parameters

`request`	A PrepareIntegrityTokenRequest for which to set the cloud project number.
`cloud_project_number`	The cloud project number.

Returns

STANDARD_INTEGRITY_NO_ERROR on success; any other value indicates that an error has occurred due to invalid arguments.

StandardIntegrityManager_destroy

void StandardIntegrityManager_destroy()

Frees up memory allocated for the Standard Integrity Manager.

Does nothing if StandardIntegrityManager_init() hasn't been called.

StandardIntegrityManager_init

StandardIntegrityErrorCode StandardIntegrityManager_init(
  JavaVM *jvm,
  jobject android_context
)

Initialize the Standard Integrity Manager, making the other methods available to call.

In case of failure, the Standard Integrity API is unavailable, and there will be an error in logcat. The most common reason for failure is that the PlayCore AAR is missing or some of its classes/methods weren't retained by ProGuard. See also:StandardIntegrityManager_destroy

Details

Parameters

`jvm`	The app's single JavaVM. For example, from ANativeActivity's "vm" field.
`android_context`	An Android Context. For example, from ANativeActivity's "clazz" field.

Returns

STANDARD_INTEGRITY_NO_ERROR if initialization succeeded, or an error on failure.

StandardIntegrityManager_prepareIntegrityToken

StandardIntegrityErrorCode StandardIntegrityManager_prepareIntegrityToken(
  PrepareIntegrityTokenRequest *request,
  StandardIntegrityTokenProvider **out_provider
)

Asynchronously prepares the integrity token and makes it available for requesting via StandardIntegrityTokenProvider.

This method can be called from time to time to refresh the resulting StandardIntegrityTokenProvider. Note that this API makes a call to Google servers and hence requires a network connection.

Note that the API is in beta mode.

Details

Parameters

`request`	The request containing the cloud project number.
`out_provider`	An out parameter for receiving the token provider.

Returns

STANDARD_INTEGRITY_NO_ERROR if request started successfully; any other value indicates that an error has occurred and the out parameter shouldn't be used.

StandardIntegrityTokenProvider_destroy

void StandardIntegrityTokenProvider_destroy(
  StandardIntegrityTokenProvider *provider
)

Releases the specified StandardIntegrityTokenProvider and any references it holds.

Details

Parameters

provider

The provider object to free.

StandardIntegrityTokenProvider_getStatus

StandardIntegrityErrorCode StandardIntegrityTokenProvider_getStatus(
  StandardIntegrityTokenProvider *provider,
  IntegrityResponseStatus *out_status
)

Gets the status of an ongoing StandardIntegrityManager_prepareIntegrityToken() asynchronous operation.

Details

Parameters

`provider`	The StandardIntegrityTokenProvider for which to get status.
`out_status`	An out parameter for receiving the IntegrityResponseStatus.

Returns

STANDARD_INTEGRITY_NO_ERROR if the request is successful or in progress; any other value indicates an error that has occurred while requesting token provider.

StandardIntegrityTokenProvider_request

StandardIntegrityErrorCode StandardIntegrityTokenProvider_request(
  StandardIntegrityTokenProvider *provider,
  StandardIntegrityTokenRequest *request,
  StandardIntegrityToken **out_token
)

Asynchronously generates and returns a token for integrity-related enquiries.

This must be called after StandardIntegrityManager_prepareIntegrityToken completes.

Note that the API is in beta mode.

See also: StandardIntegrityToken_destroy

Details

Parameters

`provider`	A StandardIntegrityTokenProvider used to request token.
`request`	A StandardIntegrityTokenRequest containing an optional request hash.
`out_token`	An out parameter for receiving the result.

Returns

STANDARD_INTEGRITY_NO_ERROR if the token request was initiated successfully; any other value indicates that an error has occurred and the out parameter shouldn't be used.

StandardIntegrityTokenRequest_create

StandardIntegrityErrorCode StandardIntegrityTokenRequest_create(
  StandardIntegrityTokenRequest **out_request
)

Creates a new StandardIntegrityTokenRequest opaque struct.

Details

Parameters

out_request

An out parameter for receiving the result.

Returns

STANDARD_INTEGRITY_NO_ERROR if initialized successfully; any other value indicates that an error has occurred and the out parameter shouldn't be used.

StandardIntegrityTokenRequest_destroy

void StandardIntegrityTokenRequest_destroy(
  StandardIntegrityTokenRequest *request
)

Releases the specified StandardIntegrityTokenRequest and any references it holds.

Details

Parameters

request

A StandardIntegrityTokenRequest to free.

StandardIntegrityTokenRequest_setRequestHash

StandardIntegrityErrorCode StandardIntegrityTokenRequest_setRequestHash(
  StandardIntegrityTokenRequest *request,
  const char *request_hash
)

Sets a request hash in a StandardIntegrityTokenRequest; the integrity token will be bound to this request hash.

It is recommended but not required.

Details

Parameters

`request`	The StandardIntegrityTokenRequest for which to set the request hash.
`request_hash`	A request hash to bind the integrity token to. string.

Returns

STANDARD_INTEGRITY_NO_ERROR on success; any other value indicates that an error has occurred due to invalid arguments.

StandardIntegrityTokenRequest_setVerdictOptOut

StandardIntegrityErrorCode StandardIntegrityTokenRequest_setVerdictOptOut(
  StandardIntegrityTokenRequest *request,
  std::set< int > verdict_opt_out
)

Sets a set of verdicts that should be opted out when requesting the token.

Any verdicts specified here will be unevaluated.

Details

Parameters

`request`	The StandardIntegrityTokenRequest for which to set the verdict opt out.
`verdict_opt_out`	A set of integrity token verdicts that should be opted-out. See https://developer.android.com/google/play/integrity/reference/com/google/android/play/core/integrity/model/StandardIntegrityVerdictOptOut.html for more information about the supported codes for opting out from verdicts. set.

Returns

STANDARD_INTEGRITY_NO_ERROR on success; any other value indicates that an error has occurred due to invalid arguments.

StandardIntegrityToken_destroy

void StandardIntegrityToken_destroy(
  StandardIntegrityToken *token
)

Releases the specified StandardIntegrityToken and any references it holds.

Details

Parameters

token

A StandardIntegrityToken response to free.

StandardIntegrityToken_getDialogResponseCode

StandardIntegrityErrorCode StandardIntegrityToken_getDialogResponseCode(
  StandardIntegrityToken *token,
  IntegrityDialogResponseCode *out_response_code
)

Gets the response code for the dialog shown by StandardIntegrityToken_showDialog().

Details

Parameters

`token`	The StandardIntegrityToken for which to get status.
`out_response_code`	An out parameter for receiving the IntegrityDialogResponseCode. This is set if the call to StandardIntegrityToken_showDialog was successful.

Returns

STANDARD_INTEGRITY_NO_ERROR if StandardIntegrityToken_showDialog was successful; any other value indicates an error that has occurred while requesting the dialog response code.

StandardIntegrityToken_getStatus

StandardIntegrityErrorCode StandardIntegrityToken_getStatus(
  StandardIntegrityToken *token,
  IntegrityResponseStatus *out_status
)

Gets the status of an ongoing StandardIntegrityTokenProvider_request asynchronous operation.

Details

Parameters

`token`	The StandardIntegrityToken for which to get status.
`out_status`	An out parameter for receiving the IntegrityResponseStatus.

Returns

STANDARD_INTEGRITY_NO_ERROR if the request is successful or in progress; any other value indicates an error that has occurred while requesting token.

StandardIntegrityToken_getToken

const char * StandardIntegrityToken_getToken(
  StandardIntegrityToken *token
)

Gets the token retrieved by a completed StandardIntegrityTokenProvider_request asynchronous operation, returns null pointer otherwise.

The string returned here is owned by the API, and the pointer will be valid until the corresponding StandardIntegrityToken is freed by calling StandardIntegrityToken_destroy.

Details

Parameters

token

A StandardIntegrityToken response to retrieve token from.

Returns

A token which contains the response for the integrity related enquiries.

StandardIntegrityToken_showDialog

StandardIntegrityErrorCode StandardIntegrityToken_showDialog(
  StandardIntegrityToken *token,
  jobject android_activity,
  int typeCode
)

Displays a dialog to the user.

This method can only be called once per Integrity API response. See also:StandardIntegrityToken_getDialogResponseCode

Details

Parameters

`token`	The StandardIntegrityToken for which to show the dialog.
`android_activity`	The Android Activity to show the dialog on.
`typeCode`	determines which Integrity Dialog type should be shown. See https://developer.android.com/google/play/integrity/reference/com/google/android/play/core/integrity/model/IntegrityDialogTypeCode for the supported types.

Returns

A StandardIntegrityErrorCode representing the result of the operation.