YubiKit is an Android library provided by Yubico to enable YubiKey support in Android apps. Both USB and NFC-enabled YubiKeys are supported.
Note
|
Version 2.0 breaks compatibility with 1.0. See the migration guide for some pointers on migrating. |
For more information on the various concepts and features used in this SDK, see our YubiKey Concepts overview.
The library includes a YubiKit Android Demo application, which provides a complete example of integrating and using the features of this library in an Android app. While this demo is written in Kotlin, the library itself is written in Java, and can be used by both Java and Kotlin.
Changes to this library are documented in the NEWS file.
The SDK is split up into multiple modules. Each module has its own documentation and can be used independently of the others. All YubiKit modules include javadoc and additional resources deployed with the library archive. Refer to the javadoc documentation detailed about the APIs methods, properties, and parameters. The SDK is versioned as a whole: You should not mix YubiKit modules with different version numbers. The modules are:
- Core
-
The core module defines the main SDK concepts and provides interfaces for interacting with a YubiKey, as well as common utilities used by the various other modules. All other modules depend on this.
- Android
-
This module provides concrete implementations for the interfaces in core, the YubiKitManager class which is used to get a reference to a YubiKey, as well as various reusable UI elements.
- Fido
-
This module adds FIDO2 support. Current implementation supports Webauthn Level 2 and CTAP 2.0 for managing FIDO credentials on YubiKeys.
- Management
-
This module provides the ability to read out metadata from a YubiKey, such as its serial number, and firmware version. It also allows changing the configuration of a YubiKey, to enable/disable other applications, etc.
- YubiOTP
-
This module lets you configure the YubiOTP application. This includes configuring the two "keyboard slots", and using the Challenge-Response functionality.
- OATH
-
This module lets you configure and use the OATH application on a YubiKey. It can store and use up to 32 OATH (TOTP or HOTP) credentials.
- PIV
-
This module lets you configure and use the PIV application on a YubiKey. It supports importing, generating, and using private keys. Reading and writing data objects such as X.509 certificates, and managing access (PIN, etc).
- Support
-
This module contains helper functionality such as getting information about YubiKeys.
A good place to get started is to clone the repository and try out the included demo app. To integrate the SDK into your app, add the desired dependencies to your Gradle configuration, and proceed with the instructions provided with the modules you are using, starting with the Android module.
If you run into any issues during the development process, please fill out a developer support ticket and our team will be happy to assist you.
A1. All YubiKit modules should work on Android API 19+. Yubico typically tests and supports n-1 per https://en.wikipedia.org/wiki/Android_version_history.
A2. Set up Android Debug Bridge (adb) debugging over WiFi: https://developer.android.com/studio/command-line/adb#wireless
A3. This is an Android limitation. Android handles these permissions at the OS level. The only workaround is to use an intent filter, as described in the Android Developers Guide USB Host Overview. However, if you apply this filter to remove the permissions prompt, then you cannot prevent your app from launching automatically whenever the YubiKey is connected.
A4. Yes. The Android module provides functionality to detect and connect to YubiKeys over both USB and NFC.
-
Yubico Developers site - developers.yubico.com
-
Android Developers site - developer.android.com