Authentication process

Updated on 27 Apr 2020

Description

A User who has already been onboarded to the System Operator makes first contact with the System Operator site, and the System Operator confirms that the user has the right to access the system.

Actors

  1. External Entity that can interact with System Operator API acting as a Registered User.
  2. System Operator running “SDK.Finance” software and exposing the portfolio of financial APIs.

Preconditions

  1. There is a valid registered System Operator User.

Basic Flow

By default, this flow assumes that an External Entity sends Requests to System Operator Endpoints and the System Operator sends back Responses to External Entity.

  1. External Entity sends a Request to System Operator API Endpoint URL.

API Endpoint: https://sdkfinance.app/api/ui/#!/Authorization/login

Request body example:

{
 "login": "user1",
 "password": "password11"
}

  2. System Operator validates credentials.
  3. System Operator generates a security token and stores it for Authorization.
  4. System Operator sends a Response to External Entity with the following parameters:

Response parameters: status, security token, expiration date, role, permissions, etc.

Optional Flow with Web Browser UI

  1. An individual using a web browser or mobile application requests a Login page.
  2. System Operator sends back a page with input fields for credentials:

Login and Password

  3. An individual enters credentials and sends them to the System Operator.

Endpoint URL: POST /authorization

Request body:

{
 "login": "string",
 "password": "string"
}

  4. System Operator validates credentials. If they are NOT valid, the logic flow returns to step 2.
  5. System Operator generates a unique TOKEN valid for the duration of this interaction and saves the token for future validation.
  6. System Operator sends the token back to the Wallet Owner, who includes the token in each of the following requests.

Exception Flow

  1. Execute Step 1 from Basic Flow.
  2. System Operator validates credentials and validation fails three times.
  3. System Operator puts the User on Hold, and an Administrator needs to get involved to generate a temporary password and to release the User.
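An added Python model of the flows above (example code, not SDK.Finance's own implementation): on valid credentials it issues a token with an expiresAt in the TOKEN_CREATED shape shown under Result example below, rejects later requests whose token is unknown or expired, and after three failed validations places the User on Hold until an Administrator releases them with a temporary password. The in-memory store, PBKDF2 hashing, one-hour token lifetime and the LOGIN_REJECTED action are assumptions.

```python
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta, timezone

MAX_FAILURES = 3                # Exception Flow: three failed validations put the User on Hold
TOKEN_TTL = timedelta(hours=1)  # assumed token lifetime; the page gives no value
REJECT = {"status": "error", "action": "LOGIN_REJECTED"}  # hypothetical failure response

def _hash(password, salt):  # PBKDF2, so stored credentials are not plain passwords (assumption)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AuthService:
    def __init__(self):
        self.users = {}   # login -> credential record, failure counter, hold flag
        self.tokens = {}  # issued token -> owner and expiry (Basic Flow step 3: stored for Authorization)

    def register(self, login, password, role="user"):
        salt = secrets.token_bytes(16)
        self.users[login] = {"salt": salt, "hash": _hash(password, salt),
                             "role": role, "failures": 0, "on_hold": False}

    def login(self, login, password, now=None):
        now = now or datetime.now(timezone.utc)
        user = self.users.get(login)
        # Unknown, held and wrong-password logins get the same answer, so accounts cannot be probed
        if user is None or user["on_hold"]:
            return dict(REJECT)
        if not hmac.compare_digest(_hash(password, user["salt"]), user["hash"]):
            user["failures"] += 1
            user["on_hold"] = user["failures"] >= MAX_FAILURES  # only admin_release() clears this
            return dict(REJECT)
        user["failures"] = 0
        token, expires = secrets.token_urlsafe(32), now + TOKEN_TTL
        self.tokens[token] = {"login": login, "expiresAt": expires}
        return {"status": "ok", "action": "TOKEN_CREATED",
                "authorizationToken": {"token": token, "expiresAt": expires.isoformat()},
                "members": [{"role": user["role"], "user": {"id": login, "name": login}}]}

    def authorize(self, token, now=None):
        """Validate the token carried on a later request; returns the login or None."""
        rec = self.tokens.get(token)
        if rec is None or rec["expiresAt"] <= (now or datetime.now(timezone.utc)):
            self.tokens.pop(token, None)  # expired tokens are dropped, not renewed
            return None
        return rec["login"]

    def admin_release(self, login, temp_password):  # Exception Flow step 3
        self.register(login, temp_password, self.users[login]["role"])  # new temp password clears the hold
```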

Post Conditions

The user is given the Token to interact with the system.

Result example

Example of System Operator response:

{
   "status":"ok",
   "message":"string",
   "action":"TOKEN_CREATED",
   "authorizationToken":{
      "token":"string",
      "expiresAt":"2018-10-30T08:59:14.386Z"
   },
   "members":[
      {
         "role":"string",
         "user":{
            "id":"string",
            "name":"string"
         },
         "organization":{
            "id":"string",
            "type":"string",
            "name":"string",
            "identificationStatus":"string",
            "contract_info":{
               "id":"string",
               "personType":"base"
            }
         },
         "permissions":[
            "string"
         ],
         "token":{
            "token":"string",
            "expiresAt":"2018-10-30T08:59:14.386Z"
         }
      }
   ]
}