Krill SDK/krill.zone.shared.security/ClientPinStore

ClientPinStore

interface ClientPinStore(source)

Client-side PIN credential store.

Stores the PIN-derived Bearer token locally after the first-time user experience (FTUE) PIN entry and serves it to the HTTP/SSE clients on every outbound call. Implementations are platform-specific (JVM secret store, Android Keystore, iOS Keychain, browser localStorage).

Functions

Link copied to clipboard
abstract fun bearerToken(): String?

Returns the cached Bearer token derived from the user's PIN, or null if no PIN has been entered on this client yet (in which case callers should route the user back through the PIN-entry FTUE).

Link copied to clipboard
abstract fun clear()

Erases any persisted credential. Used when the user signs out, when a stale token has been rejected by the server, or during a factory reset.

Link copied to clipboard
abstract fun storePin(pin: String)

Derives a Bearer token from pin and persists it to the platform's secure storage. Callers should pass the raw PIN; the derivation (PBKDF2-HMAC-SHA256) happens inside the implementation so the raw PIN never has to leave the entry screen.

Generated by Dokka
© 2026 Copyright