Risk Assessment (Driver Layer)#
Risk-assessment integrations (BankID and similar) need device-context fields the framework can attach to outgoing HAAPI requests. Configure the collection at construction time on the main thread so platform-specific APIs (UIDevice on iOS, applicationContext on Android) are accessible. For the concept and the fields collected, see Risk Assessment .
Configuration#
Build RiskAssessmentConfiguration on the main thread — typically in AppDelegate.application(_:didFinishLaunchingWithOptions:) — because UIDevice is main-actor-isolated:
let riskAssessmentConfiguration = RiskAssessmentConfiguration(
operatingSystemName: UIDevice.current.systemName,
operatingSystemVersion: UIDevice.current.systemVersion,
deviceModelName: UIDevice.current.deviceModelName,
applicatonIdentifier: Bundle.main.bundleIdentifier!
)
let haapiTokenManager = HaapiTokenManagerBuilder(
tokenEndpoint: tokenEndpoint,
clientId: clientId
)
.setRiskAssessmentConfiguration(riskAssessmentConfiguration)
.build()Pass the Android applicationContext into the builder from Application.onCreate. The framework reads system properties internally and persists the device-context fields for the lifetime of the application:
class ClientApplication : Application() {
lateinit var haapiTokenManager: HaapiTokenManager
override fun onCreate() {
super.onCreate()
haapiTokenManager = HaapiTokenManager.Builder(
clientId = clientId,
tokenEndpointUri = tokenEndpointUri
)
.setApplicationContext(applicationContext)
.build()
}
}Server support for risk-assessment integration requires the Curity Identity Server version 9.7.0 or later. On Android, set android:allowBackup="true" (the default) in AndroidManifest.xml so persisted device context survives backup-and-restore.
How to implement this: Risk Assessment (concept) · How to Integrate Risk Assessment