Android

How to install, configure and use the Castle Android SDK

👩‍💻 Looking for the source code? The Castle Android SDK is available on GitHub.

Installation

Step 1. Configure with API key

Grab your Publishable API Key from the Castle Dashboard Settings Page and configure the SDK:

import io.castle.android.Castle

// Place the below in your Application class onCreate method
Castle.configure(application, "{Publishable-API-Key}")
import io.castle.android.Castle;

// Place the below in your Application class onCreate method
Castle.configure(application, "{Publishable-API-Key}");

The Castle SDK collects fingerprint information from the device and sends this information directly to Castle. These requests are batched to optimize device performance. See the last section, Configuration Notes, to make changes to the way Castle collects and batch-processes this fingerprint information.

Step 2. Forward the fingerprint

The Castle Android SDK generates a value that we call the request_token. Forward the Castle request_token in relevant requests to your application server.

The request_token value contains a proprietary signature of the mobile device fingerprint. This value should not be used as an identifier. It should be treated as a token. The value will change over time.

You will need to forward the request token as a request header to every request to your API. You can specify this header name in the SDK configuration. The default value is X-Castle-Request-Token.

// OkHttp
requestBuilder.header(
    Castle.requestTokenHeaderName,
    Castle.createRequestToken()
)

// HttpURLConnection
httpUrlConnection.setRequestProperty(
    Castle.requestTokenHeaderName,
    Castle.createRequestToken()
)

// Volley
headers.put(
    Castle.requestTokenHeaderName,
    Castle.createRequestToken()
)
// OkHttp
requestBuilder.header(
    Castle.requestTokenHeaderName,
    Castle.createRequestToken()
);

// HttpURLConnection
httpUrlConnection.setRequestProperty(
    Castle.requestTokenHeaderName,
    Castle.createRequestToken()
);

// Volley
headers.put(
    Castle.requestTokenHeaderName,
    Castle.createRequestToken()
);

Step 3. (optional) Additional configuration

  • The SDK allows for additional configuration options. Please refer to the documentation packaged with the SDK code for full details.
val configuration = CastleConfiguration.Builder()
  .publishableKey("{Publishable-API-Key}")
  .debugLoggingEnabled(true) // Default false
  .flushLimit(10) // Default 20
  .baseURLAllowList(listOf("https://api.castle.io/"))
  .maxQueueLimit(100) // Default 1000
  .build()

// Setup Castle SDK with provided configuration
Castle.configure(application, configuration)
ArrayList<String> baseURLAllowList = new ArrayList<>();
baseURLAllowList.add("https://api.example.com/");

CastleConfiguration configuration = new CastleConfiguration.Builder()
  .publishableKey("{Publishable-API-Key}")
  .debugLoggingEnabled(true) // Default false
  .flushLimit(10) // Default 20
  .baseURLAllowList(baseURLAllowList)
  .maxQueueLimit(100) // Default 1000
  .build();

// Setup Castle SDK with provided configuration
Castle.configure(application, configuration);

Configuration notes

Queue flushing

The SDK queues API calls to save battery life, and it only flushes queued events to the Castle API whenever the app is installed, updated, opened or closed; when identify is called; or when the queue reaches 20 events. This ensures that the device fingerprint is fully profiled before any requests to your server side.

Automatic screen tracking

When automatic screen tracking is enabled, any activities or view controllers shown will automatically generate a screen event. The screen name will use a normalized version of the activities or view controllers title. For more granular control, we suggest disabling automatic screen tracking (on by default) and calling screen manually.