Project: /_project.yaml Book: /_book.yaml
Defined in fuchsia.identity.account/account_manager.fidl
AccountManager manages the overall state of Fuchsia accounts and personae on a Fuchsia device, installation of the AuthProviders that are used to obtain authentication tokens for these accounts, and access to TokenManagers for these accounts.
The AccountManager is the most powerful protocol in the authentication system and is intended only for use by the most trusted parts of the system.
Returns a vector of all unlocked accounts provisioned on the current device.
Returns a vector of all unlocked accounts provisioned on the current device and the current authentication state for each.
Connects a channel to read properties of and perform operations on one account.
id The account's identifier as returned by GetAccountIds() context_provider An AuthenticationContextProvider capable of supplying UI contexts used for interactive authentication on this account account The server end of an Account channel
Connects a channel that will receive changes in the provisioned accounts and their authentication state. Optionally this channel will also receive the initial set of accounts and authentication states onto which changes may be applied.
listener The client end of an AccountListener channel options An AccountListenerOptions that defines the set of events to be sent to the listener.
Removes a provisioned Fuchsia account from the current device, revoking any credentials that are held for the account.
id The account's identifier as returned by GetAccountIds() force If true, continues removing the account even if revocation of credentials fails. If false, any revocation failure will result in an error and the account will remain. In this case, a subset of the credentials may have been deleted.
Adds a Fuchsia account to the current device based on authenticating to a service provider (such as Google). If the service provider account is not already a recovery account for any Fuchsia account, a new Fuchsia account will be created with its recovery account set to the service provider account.
auth_context_provider An AuthenticationContextProvider capable of supplying UI contexts used for interactive authentication auth_provider_type A unique identifier for an installed AuthProvider that should be used to authenticate with the service provider lifetime The lifetime of the account
Returns: account_id The identifier of the newly added account
Adds a new, initially empty, Fuchsia account to the current device.
lifetime The lifetime of the account
Returns: account_id The identifier of the newly added account
Defined in fuchsia.identity.account/account_manager.fidl
A protocol to receive events when the set of accounts on a device or the authentication states of these accounts change.
AccountListeners may be registered through the AccountManager protocol and this registration also defines which types of event should be sent to the listener. Optionally, the AccountListener will receive an initial state event onto which the change events may be safely accumulated.
All methods include an empty response to follow the “Throttle push using acknowledgements” FIDL design pattern.
A method that is called to communicate the initial set of accounts and their authentication states. OnInitialize is called exactly once if and only if AccountListenerOptions.initial_state was set when creating the AccountListener. When called, it will always be the first call on the channel. If no accounts are present on the device the vector will be empty.
A method that is called when a new account is added to the device. This method is only called if AccountListenerOptions.add_account was set when creating the AccountListener.
A method that is called when a provisioned account is removed. This method is only called if AccountListenerOptions.remove_account was set when creating the AccountListener.
A method that is called when the authentication state of any provisioned account changes.
Defined in fuchsia.identity.account/auth_target.fidl
A protocol to receive events when the authentication state of an account changes.
AuthListeners may be registered through the AuthTarget protocol and this registration also defines the types of authentication state changes that should be sent to the listener.
All methods include an empty response to follow the “Throttle push using acknowledgements” FIDL design pattern.
A method that is called when the AccountListener is first connected.
A method that is called when the authentication state of the account changes.
Defined in fuchsia.identity.account/auth_target.fidl
A protocol that is extended by other protocols defining an entity (referred to as the “target”) with an authentication state, such as a Fuchsia account or persona.
AuthTarget defines a set of methods to monitor the current authentication state of an entity and to request changes in that authentication state.
Returns the current AuthState of the target.
Connects a channel that will receive changes in the authentication state of the target.
listener The client end of an AuthListener channel initial_state If true, the listener will receive the initial auth state in addition to any changes. granularity An AuthChangeGranularity expressing the magnitude of change in authentication state than should lead to a callback
Defined in fuchsia.identity.account/auth_target.fidl
A protocol that exposes information about the personae and recovery account for a Fuchsia account and provides methods to manipulate these.
An Account provides access to sensitive long term identifiers and is only intended only for use by a small number of trusted system components.
Returns the current AuthState of the target.
Connects a channel that will receive changes in the authentication state of the target.
listener The client end of an AuthListener channel initial_state If true, the listener will receive the initial auth state in addition to any changes. granularity An AuthChangeGranularity expressing the magnitude of change in authentication state than should lead to a callback
Returns a human readable name for the account. Account names are set by a human and are not guaranteed to be meaningful or unique, even among the accounts on a single device.
Returns the account's lifetime.
Returns a vector of all the personae defined for the account. NOTE: Currently all Fuchsia accounts have exactly one persona.
Connects a channel to read properties of and access tokens for the default persona for the account.
persona The client end of a Persona channel
Returns: id The identifier for the default persona
Connects a channel to read properties of and access tokens for one of the personae for the account.
id The persona's identifier as returned by GetPersonaIds() persona The client end of a Persona channel
Returns the service provider account that can be used to access the Fuchsia account if more direct methods of authentication are not available, provided such an account exists.
Returns: The ServiceProviderAccount used for recovery if one exists
Sets the service provider account that can be used to access the Fuchsia account if more direct methods of authentication are not available.
account The ServiceProviderAccount to use as the recovery account. This must be an existing account that has already been provisioned on the current device using TokenManager.
Defined in fuchsia.identity.account/auth_target.fidl
A protocol that exposes basic information about a Fuchsia persona and access to the authentication tokens that are visible through it.
Note a Persona purposefully does not provide access to a long term identifier for the persona. This is to support components in the system that work with short lived identifiers (e.g. SessionManager), but note that long term identifiers can usually still be derived via the TokenManger protocol.
Returns the current AuthState of the target.
Connects a channel that will receive changes in the authentication state of the target.
listener The client end of an AuthListener channel initial_state If true, the listener will receive the initial auth state in addition to any changes. granularity An AuthChangeGranularity expressing the magnitude of change in authentication state than should lead to a callback
Returns the lifetime of this persona.
Connects a channel to acquire and revoke authentication tokens for service provider (aka cloud service) accounts that are visible through this persona.
application_url A url for the Fuchsia agent that this channel will be used by. Applications are only allowed to access tokens that they created. token_manager The client end of a Persona channel
generated
generated
generated
generated
generated
generated
Defined in fuchsia.identity.account/account_manager.fidl
An AuthState along with the account that it applies to.
Defined in fuchsia.identity.account/account_manager.fidl
The configuration for an AccountListener, defining the set of events that it will receive.
generated
generated
generated
generated
generated
generated
generated
Type: uint8
Defined in fuchsia.identity.account/common.fidl
Provides an upper bound to how long a Fuchsia account can live on the current device.
Type: uint32
Defined in fuchsia.identity.account/common.fidl
Specifies the reason that a fuchsia.identity.account method failed.
generated
generated
generated
generated
generated
generated
generated
generated
generated
generated
generated
generated
generated