search

4.6 Authorization

hashtag
4.6.1 Authorize Employee

The authorizeEmployee function, typically used by the server-side of the app, authorizes the registration of a new employee by authorizing the employee's newly created employeePublicKey. The server-side of the app can optionally inspect the signatures present in employeePublicKey for valid creation of the new employee before calling authorizeEmployee on it. This is useful for applications that allow creation of new users in the app on the client side (using an app secret with roles ACCESS and CREATION) so that the app-server itself never gets access to the private key of the user even temporarily as a new user’s key-pair is created (and encrypted) on the client-side. By ensuring the app-secret with role AUTHORIZATION is still used only on the server-side of the app, we can prevent a rogue app with stolen app secret from creating unauthorized or fake users.

The function takes the following parameters :

  • employeePublicKey : EmployeePublicKey to be authorized.

  • companyName : Company name of the employee.

  • companyEmployeeId : Company employee id of the employee.

#include "BayunCore.h"

std::string employeePublicKey = "<employeePublicKey>"
std::string companyName = "<companyName>"
std::string companyEmployeeId = "<companyEmployeeId>"
Bayun::BayunAuthResponseCode responseCode = 
bayunCore->authorizeEmployee(employeePublicKey, companyName, companyEmployeeId);
if (responseCode == Bayun::BayunAuthResponseCode::Success) {
      //EmployeePublicKey is authorized successfully
}
circle-info

BayunCore class should be inited on app server using App Secret having role Authorization to be able to authorize an employee.

hashtag
4.6.2 Get Unauthorized Employee Public Key

The unauthorizedEmployeePublicKey function can be used on the server-side of the app to get the employeePublicKey for its authorization by the authorizeEmployee function.

The function takes the following parameters :

  • companyName : Company name of the employee.

  • companyEmployeeId : Company employee id of the employee.

Previous4.5 LogoutNext4.7 Change Password

Last updated