YubiKit OATH Module

This module provides access to the OATH application on a YubiKey, for managing and using OATH TOTP and OATH HOTP credentials (as specified in RFC 6238 and RFC 4226).


To add the OATH module, along with the Android module as a dependencies to your project, add the following to your gradle configuration:

dependencies {
  implementation 'com.yubico.yubikit:android:(insert version here)'
  implementation 'com.yubico.yubikit:oath:(insert version here)'

This module depends on the core module, which will automatically be added as a transitive dependency to your project.

Communication with the OATH Application

To communicate with the OATH application on a YubiKey, use the OathSession class. You will need a SmartCardConnection to a YubiKey:

OathSession oath = new OathSession(smartCardConnection);
OathApplicationInfo info = oath.getApplicationInfo();

// Unlock with a password, if needed
if(info.isAuthenticationRequired()) {
  // Get the password from "somewhere"
  char[] password = passwordStore.getPassword(info.getDeviceId());

// Get stored credentials
List<Credential> creds = oath.getCredentials();

Additional Resources