Changes to Android SDK Auth Token Generation - March 24, 2017

Starting mid-April app auth tokens will be generated the first time an Android app requests it, instead of upon app installation. The reason for this change is to certify auth tokens are currently valid. Therefore, any app developers using the Android SDK to generate auth tokens should ensure your app:

  • Handles the CloverAuth.authenticate() method which can take up to 60 seconds to respond. In the meantime, your app should remain responsive and show ongoing progress.
  • Handles the edge case of AuthResult or AuthResult.authToken returned as null - indicating a failed call.
  • Does not store auth tokens on the Clover device. If your app needs an auth token, you should call CloverAuth.authenticate() to avoid issues with token expiration.
  • Requests auth tokens as early as possible to minimize the likelihood of issues.

Refer to the sample code below:

protected CloverAuth.AuthResult doInBackground(Void... params) {
    try {
        CloverAuth.AuthResult authResult = CloverAuth.authenticate(MainActivity.this, mAccount);
        if (authResult == null)
            Log.e(TAG, "Null AuthResult");
        else if (authResult.authToken == null)
            Log.e(TAG, "No auth token in AuthResult");
        return authResult;
    } catch (OperationCanceledException e) {
        Log.e(TAG, "Authentication cancelled", e);
    } catch (Exception e) {
        Log.e(TAG, "Error retrieving authentication", e);
    return null;

App developers who retrieve auth tokens using OAuth are not impacted by this change. For assistance, please use or contact us at [email protected].