BayunCoreSDK C++ Programming Guide
  • 1. Introduction
  • 2. Quick Start Guide for Beginners
  • 3. Getting Started
  • 4. Authentication
    • 4.1 Register with Password
    • 4.2 Register without Password
    • 4.3 Login with Password
    • 4.4 Login without Password
    • 4.5 Logout
    • 4.6 Authorization
    • 4.7 Change Password
  • 5. BayunCoreSDK Operations
    • 5.1 Lock/Unlock File
    • 5.2 Lock/Unlock Text
    • 5.3 Lock/Unlock Binary Data
    • 5.4 Get Locking Key
  • 6. Groups
    • 6.1 Create Group
    • 6.2 Get My Groups
    • 6.3 Get Unjoined Public Groups
    • 6.4 Join Public Group
    • 6.5 Get Group By Id
    • 6.6 Add Group Member
    • 6.7 Add Group Members
    • 6.8 Remove Group Member
    • 6.9 Remove Group Members
    • 6.10 Remove Group Members Except List
    • 6.11 Leave Group
    • 6.12 Delete Group
  • 7. Run the sample program
Powered by GitBook
On this page
  • 4.6.1 Authorize Employee
  • 4.6.2 Get Unauthorized Employee Public Key

Was this helpful?

  1. 4. Authentication

4.6 Authorization

4.6.1 Authorize Employee

The authorizeEmployee function, typically used by the server-side of the app, authorizes the registration of a new employee by authorizing the employee's newly created employeePublicKey. The server-side of the app can optionally inspect the signatures present in employeePublicKey for valid creation of the new employee before calling authorizeEmployee on it. This is useful for applications that allow creation of new users in the app on the client side (using an app secret with roles ACCESS and CREATION) so that the app-server itself never gets access to the private key of the user even temporarily as a new user’s key-pair is created (and encrypted) on the client-side. By ensuring the app-secret with role AUTHORIZATION is still used only on the server-side of the app, we can prevent a rogue app with stolen app secret from creating unauthorized or fake users.

The function takes the following parameters :

  • employeePublicKey : EmployeePublicKey to be authorized.

  • companyName : Company name of the employee.

  • companyEmployeeId : Company employee id of the employee.

#include "BayunCore.h"

std::string employeePublicKey = "<employeePublicKey>"
std::string companyName = "<companyName>"
std::string companyEmployeeId = "<companyEmployeeId>"
Bayun::BayunAuthResponseCode responseCode = 
bayunCore->authorizeEmployee(employeePublicKey, companyName, companyEmployeeId);
if (responseCode == Bayun::BayunAuthResponseCode::Success) {
      //EmployeePublicKey is authorized successfully
}

BayunCore class should be inited on app server using App Secret having role Authorization to be able to authorize an employee.

4.6.2 Get Unauthorized Employee Public Key

The unauthorizedEmployeePublicKey function can be used on the server-side of the app to get the employeePublicKey for its authorization by the authorizeEmployee function.

The function takes the following parameters :

  • companyName : Company name of the employee.

  • companyEmployeeId : Company employee id of the employee.

#include "BayunCore.h"

std::string companyName = "<companyName>"
std::string companyEmployeeId = "<companyEmployeeId>"
std::string employeePublicKey = 
bayunCore->unauthorizedEmployeePublicKey(companyName, companyEmployeeId);
if (!employeePublicKey.empty()) {
      //EmployeePublicKey to be authorized.
}

Previous4.5 LogoutNext4.7 Change Password

Last updated 1 year ago

Was this helpful?