0

I want to understand what happens if two or more different apks tries to register with an account authenticator of same account-type.

some articles like this http://blog.udinic.com/2013/04/24/write-your-own-android-authenticator (and SO questions like Android - How to protect or delete an account when application is uninstalled? )

says that its always first come first serve basis (FCFS) - so the first app's Authenticator will be in-charge till it is uninstalled ( in which case the second app will take incharge ) I tried this with three different test apps and it seem to work like that ( FCFS basis )

Is that the case ALWAYS or are there any exceptions where the authenticator from second app can take ownership sometimes ?

The intended behaviour is not documented anywhere in android docs ( at least i was not able to see that so far )

Can you please let me know what is the documented behaviour ? also, please point me to the documented links.

Thanks,

Community
  • 1
  • 1
naiveCoder
  • 1,009
  • 4
  • 16
  • 28
  • You are absolutely right, it is not documented, but it works exactly as you said, FCFS. The second app's installation should be blocked as this is a security issue if default/automatic overriding of accounts happens. It becomes equivalent to account hijacking. – gaara87 Sep 15 '16 at 17:46
  • Even if this is very old, this seems to be the same design issue like for permissions there also FCFS is applied. I guess in Android 6.0 or 7.0 this was fixed. Regarding permissions there should be a blog entry be commonwealth – rekire Dec 11 '16 at 11:40

0 Answers0