auth-user.md
copyright years: 2018
lastupdated: 2018-12-12


Human user authentication

Blockchain Document Store authenticates human users through the following interactions. Through a UI, human users select their identity provider, authenticate, and receive an Onboarding Token, as follows:

  1. The human user connects to the service onboarding URL for their organization, **service-onboarding-basepath/v1/logins**, and selects their identity service provider. Note: The **service-onboarding-basepath** is unique per member organization.

  2. The human user is redirected to the login page for their identity service provider, where the user submits their credentials (email address and password).

  3. The identity provider returns a JSON Web Token (JWT) for the user to Blockchain Solution Manager.

  4. A new access token is generated by Blockchain Solution Manager and returned to the user at the URL for their organization: service-onboarding-basepath/onboarding/v1/logins.

  5. The human user passes this Onboarding Token, as proof of identity, to the Blockchain Document Store service.

  6. Blockchain Document Store verifies the Onboarding Token by using the public key from Blockchain Solution Manager.

  7. If the Onboarding Token has not been altered since it was initially signed, verification of the user identity is successful, and the human user can proceed to use the Blockchain Document Store service.
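
Steps 6 and 7 as an added example (not code from the original page or from the Blockchain Document Store project): checking a token's signature against the issuer's public key while pinning the expected algorithm. It assumes the Onboarding Token is an RS256-signed JWT, which the page does not state; `verifyToken`, `issue`, `demoKey` and the claims are constructed for illustration, with a locally generated key standing in for the Blockchain Solution Manager key.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding
var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed stand-in for the issuer's key pair

// verifyToken accepts a compact token only if it is RS256-signed by the issuer's key.
func verifyToken(token string, issuer *rsa.PublicKey) error {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return fmt.Errorf("malformed token")
	}
	var hdr struct{ Alg string }
	raw, err := b64.DecodeString(p[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "RS256" {
		return fmt.Errorf("unexpected alg") // pin the algorithm; never follow the header's choice
	}
	sig, _ := b64.DecodeString(p[2]) // an undecodable signature fails the check below
	sum := sha256.Sum256([]byte(p[0] + "." + p[1]))
	if rsa.VerifyPKCS1v15(issuer, crypto.SHA256, sum[:], sig) != nil {
		return fmt.Errorf("signature mismatch: altered token or wrong issuer key")
	}
	return nil
}

// issue plays the issuer's role for the demo: it signs the claims with the private key.
func issue(key *rsa.PrivateKey, claims string) string {
	in := b64.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + b64.EncodeToString([]byte(claims))
	sum := sha256.Sum256([]byte(in))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, sum[:])
	return in + "." + b64.EncodeToString(sig)
}

func main() {
	tok := issue(demoKey, `{"sub":"user@example.com"}`)
	fmt.Println("genuine token:", verifyToken(tok, &demoKey.PublicKey))
	p := strings.Split(tok, ".") // swap the payload but keep the original signature
	altered := p[0] + "." + b64.EncodeToString([]byte(`{"sub":"admin@example.com"}`)) + "." + p[2]
	fmt.Println("altered token:", verifyToken(altered, &demoKey.PublicKey))
}
```

The verifier needs only the public half of the key pair; claim checks such as expiry and audience are outside what this block demonstrates.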

What's next?

Proceed to Manage documents.