5.1 Register with Password

The registerEmployeeWithPassword function creates a new employee on Bayun's system with supplied (companyName, companyEmployeeId) combination, for subsequent authentication requests from this app using the given password, and initializes this employee's access to Bayun. The function takes the following parameters :

Let's say an employee has loginId username@bayunsystems.com.

  • activity : Activity Context.

  • companyName : Unique name of the company/tenant the registering employee belongs to, preferably in domain-name format for consistency, e.g. bayunsystems.com. This assumes that the user is getting access to the corresponding enterprise tenant with the same domain-name managed by their employer. In some cases the email domain of the user could be different from the domain of the tenant this user belongs to e.g. username@customdomain.com registering on a tenant with domain bayunsystems.com as a contractor, or on a generic tenant for individual accounts in a consumer use-case (e.g. tenant domain of “gmail.com”). In such a case, the domain-name part of the tenant is what should be used as the companyName parameter. Alternatively you can also choose to pass app's own internal companyId/tenantId for the registering employee as a parameter.

  • companyEmployeeId : EmployeeId unique within the company, e.g. username@bayunsystems.com. While just the "username" portion might suffice in some cases, it is preferable to use the full loginId for consistency (especially considering that full loginId has to be anyway used for a contractor or consumer use-case). Alternatively you can also choose to pass app's own internal employeeId that is unique within the specific companyName that was used above.

  • password : Password of the employee. Used to keep employee secret keys protected. Never stored or transmitted by BayunSDK in clear. If the developer wishes, it can be a cryptographic hash of the password instead of the cleartext password itself. Bayun just needs a unique secret known to the employee only, or something unique generated from it, for keeping the employee lockboxes protected in such a way that nobody other than the employee has access to it (similar to how iPhone does it with user’s device PIN).

  • authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

  • successCallback : Success block to be executed after successful employee registration.

  • failureCallback : Failure block to be executed if employee registration fails, returns BayunError.

First account of the Company registered with Bayun is the Security Admin account.

Sample Code

String companyName = "bayunsystems.com"; //company portion from loginId
String companyEmployeeId = "username"; //username portion from loginId
String password = "<employeePassword>";

Handler.Callback authorizeEmployeeCallback = new Handler.Callback() {
        @Override
        public boolean handleMessage(Message message) {
                Log.d(TAG, "Authorization of EmployeePublicKey is Pending");
                String employeePublicKey = message.getData().getString("employeePublicKey", "");
                return false;
        }
};

Handler.Callback successCallback = new Handler.Callback() {
        @Override
        public boolean handleMessage(Message message) {
                 Log.d(TAG, "Employee Registered Successfully.");
                return false;
        }
 };


Handler.Callback failureCallback = new Handler.Callback() {
        @Override
        public boolean handleMessage(Message message) {
                String error = message.getData().getString("BayunError", "");
                Log.d(TAG, "Employee registration failed.");
                return false;
        }
 };
            
bayunCore.registerEmployeeWithPassword(activity, companyName, companyEmployeeId, password,
                                        authorizeEmployeeCallback, successCallback, failureCallback)
Previous5. AuthenticationNext5.2 Register without Password

Last updated