# Device Connect: Android SDK

The Android SDK can be used to integrate mobile apps with Device Connect, so that users can share their data.


Following will be shared by FinBox team at the time of integration:


# Integration Flow

Assuming the dependency has been added for your project as per this section, the following would be the flow in your app:

Client Workflow

# Step 1: Requesting Runtime Permissions

It is required to show what all permissions you will be needing from users in app, and then ask them for the permissions. Please refer this section to get the list of permissions the SDK needs. Also in case you want to exclude certain permissions, you can use a remove rule as mentioned in the same article.

# Step 2: Creating the User

After requesting, the createUser method can be called specifying a CUSTOMER_ID (Refer to this section for sample code and response), which represents a unique identifier for the user.


  • It is recommended that CUSTOMER_ID is a masked value not a unique personal identifier like phone number or email id, so that user remains anonymous to FinBox.
  • SDK will automatically consider syncing based on whether permission was granted by user or not and what was configured, hence the createUser method must be called even though user denies certain permissions.

createUser in general acts as a check for API credentials. For the first time when the user doesn't exists, it will create user on FinBox side. The next step will work only if this function returns a success response.

# Step 3: Start Syncing Data

If the createUser response is successful, you can call startPeriodicSync function (Refer this article) which will sync data in period intervals in background.


  • Recommended approach is to call createUser (and then startPeriodicSync on success) method every time user accesses the app, so that background sync process remains in check.
  • In certain cases, FinBox server often communicates with sdk directly, to make sure this works it is required to forward FCM Notifications to SDK. Refer to this article for it.
  • In case of multi process application, it is required to initialize the SDK manually before calling the createUser method. Refer here for such cases.

# Adding Dependency

In the project level build.gradle file, add the repository URLs to all allprojects block.

maven {
    url "s3://risk-manager-android-sdk/artifacts"
    credentials(AwsCredentials) {
        accessKey = <ACCESS_KEY>
        secretKey = <SECRET_KEY>

Now add the dependency to module level build.gradle:

implementation('in.finbox:mobileriskmanager:<DC_SDK_VERSION>:parent-release@aar') {
    transitive = true

# Handle Permissions

The Runtime permissions needs to handled by the developer when calling the helper methods. Based on the permissions available, the SDK intelligently syncs the alternate data.

Below are the list of Runtime permissions the sdk adds to the application Manifest, if Manifest Merger is enabled:

<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_CALENDAR" />
<uses-permission android:name="android.permission.READ_SMS" />
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.READ_CALL_LOG" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
    tools:ignore="ProtectedPermissions" />


In case of Xiaomi we need to ask for a special Service SMS Permission so that SMS Data can be synced. Please look at the sample app in which in order to navigate the user to the settings screen, we are calling the function: CommonUtils.showServiceSmsPermissionSetting(this); and then listening to the callback in OnActivityResult with RequestCode REQUEST_SMS_PERMISSION_CODE

To remove the unused permissions, add a remove rule to that permission as shown below:

    tools:node="remove" />

In case the Manifest merger is not enabled add the above specified permissions manually.

# Create User Method

Call createUser method to create the user (first time) or check the API credentials for the SDK. It takes CUSTOMER_ID as one of its arguments which is a unique identifier for a user.


Please make sure CUSTOMER_ID is not more than 64 characters and is alphanumeric (with no special characters). Also it should never null or a blank string "".

The response to this method (success or failure) can be captured using the callback FinBoxAuthCallback.

FinBox.createUser("CLIENT_API_KEY", "CUSTOMER_ID",
    new FinBox.FinBoxAuthCallback() {
        public void onSuccess(@NonNull String accessToken) {
            // Authentication is success

        public void onError(@FinBoxErrorCode int error) {
            // Authentication failed

You can read about the error codes in this section.

# Start Periodic Sync Method

This is to be called only on successful response to createUser method's callback. On calling this the syncs will start for all the data sources configured as per permissions. The method below syncs data in background at regular intervals:

FinBox finbox = new FinBox();

# Forward Notifications to SDK

In certain cases, FinBox server often requests critical data from sdk directly (other than scheduled sync period), to make sure this works it is required to forward FCM Notifications to SDK.

Add the following lines inside the overridden onMessageReceived method available in the service that extends FirebaseMessagingService.

if(MessagingService.forwardToFinBoxSDK(remoteMessage.getData())) {
    final MessagingService firebaseMessagingService = new MessagingService();

# Multi Process Support

Device Connect uses a content provider to auto initialize the SDK. The limitation with the OS is that content providers are only initialized once in a multi process application and from the main process. For this reason, any calls to the SDK from other processes will lead to unstable behavior.

In case, you want to use the SDK from a process other than main process, follow the two steps mentioned below to initialize the SDK.

# Remove the Content Provider

Remove the content provider that auto initializes the SDK from the Android Manifest file.

    tools:node="remove" />

# Initialize the SDK

Initialize the FinBox SDK in the onCreate method of Application class.


# Cancel Periodic Syncing

If you have already set up the sync for the user data, you can cancel it any time by following code:


# Handle Sync Frequency

By default sync frequency is set to 8 hours, you can modify it by passing preferred time in seconds as argument to setSyncFrequency method once the user is created.

# Reset User Data

In case the user data needs to be removed to re-sync the entire data, use the method resetData.


# Error Codes

Below table contains the constant name, error code value and the description of error code:


All the constants stated below are available as constants in SDK.

Constant Name Constant Value Description
QUOTA_LIMIT_EXCEEDED 7670 API Key exceeded its quota limit
AUTHENTICATE_FAILED 7671 Authentication of the API Key and the User failed
AUTHENTICATE_API_FAILED 7672 Authentication of the API Key failed
AUTHORIZATION_API_FAILED 7673 Authorization of the API Key failed
AUTHENTICATE_USER_EMPTY 7677 User name is empty
NO_ACTIVE_NETWORK 7678 Device is not connected to an active network
NETWORK_TIME_OUT 7679 Request timed out
NETWORK_RESPONSE_NULL 7681 Network response is null
USER_TOKENS_NULL 7682 Both access token and refresh token is null
ACCESS_TOKEN_NULL 7683 Access token is null
REFRESH_TOKEN_NULL 7684 Refresh token is null
AUTHENTICATE_NOT_FOUND 7685 End point is not found

Some error codes can be resolved by validating the implementation and some by retrying the creation of user, while other error codes can only be resolved by contacting FinBox.

Last Updated: 2/24/2020, 10:28:57 AM