Versions Compared

Old Version 15

changes.mady.by.user Irene Hernandez

Saved on

compared with

New Version 16

changes.mady.by.user Irene Hernandez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents
minLevel1
maxLevel3

...

GATACA Studio enables you to quickly create customizable verification templates for onboarding and sign-in processes while reducing personal data stored in your infrastructure.

...

Panel
bgColor#F4F5F7

A verification template defines a verification process, including:

  • Which verification credentials are required from a user to share

  • What additional security constraints requirements are needed from the user to comply with (e.g. 2FA)

...

Creating an Issuance template involves a 4-step process:

Step 1: Basic configuration

Verification template identifier - Name the verification template

...

Click on Create app button to define the remaining configuration variables:

...

Select DID method

You will have to select which DID you want to state as the Verifier.

...

QR Code viewing duration - How much time before the QR code expires?

This QR Code viewing duration is the amount of time available for the user users to scan the QR code, in seconds. After this time, the user will need to reload the page to get a new QR code.

Panel
bgColor#F4F5F7

Users that scan an expired QR code or a QR code that has been already been scanned will get an error in their wallets

Why do QR codes expire? Each QR code includes a unique session ID to uniquely identify the user’s authentication request. Sessions cannot be reused or used twice for security reasons.

Consent duration - How much time should my company store and process data shared by users?

Amount of time your company has organization desires to store and process data shared by users, in days.

In Europe, according to the GDPR, the storage limitation principles state that you should keep personal data for as long as the purpose is unfulfilled. Once the data has served its purpose, you should then delete it.When this time the minimum necessary time to fulfill the service.

When the consent duration has been reached, the user data will be deleted , and you won’t have any more access to it.

Callback

URL of a service that is notified by a post notification with the session data when the session has been validatedfrom your Studio account.

Service description - What to include in the service description?

Include briefly all relevant information about the service you provide and for which the user is requesting access.

...

Example:

...

Step 2: Requested Credentials

...

What credentials should I request from the user?

Establish the data you will be requesting from your users in order to authenticate them.

This data must be In this step you define which personal information (in the form of verifiable credentials) is necessary for you to verify your user before getting . Users will need to make sure they have these credentials in their wallet before requesting access to your serviceservices.

...

Scroll the list and tick those credentials you want to select, or use the search bar on top.

Example:

...

Define required and optional credentials

Required credentials mean that the information is critical to fulfilling the credential issuancemandatory to comply with your authentication process. Any other nice-to-have information should be marked as optional.

From the list of credentials that you will be requesting, select those that will be required or will remain optional.

...

Step 3: Constraints

...

Credential trust level - How to determine which credentials are trusted?

In this section, you will determine if the level of trust credentials you require from the requested credentials.

Example:

request from the user for authentication purposes need to be trusted.

...

Panel
bgColor#F4F5F7

Trusted Credentials are those whose Issuer is registered in Gataca’s Public Issuer Registry.

Unless your subscription tier allows you to request your DIDs to be registered in Gataca’s Public Issuer Registry, Credentials issued by you will not be trusted. Make sure you don’t require your issued credentials to be trusted for authentication purposes.

Credential data agreement - How to select the credential purpose

In this section, you will determine the reason why you are requesting the previously established required credentials from your users. This will be shown to your users.

...

...

Security configuration

Security mechanisms that provide In this last section you’ll define the extra security featuresmechanisms, such as 2FA via biometrics, OTPs, or in-app authentication.

The available security methods will depend on your subscription.

...

Step 5: Successful configuration

How to add an issuance template to the API key

Once you reach finish the end of creating an issuance template, you can select to add this template configuration of a Verification Template, you’ll see confirmation that the process has been successfully saved. You are now ready to test your Verification Template by adding it to an API Key.

...

When clicking on “Add to API Key“ a list of the available API keys for your templates will open.

Infopanel
bgColor#F4F5F7

If this is your first template, the creation of an API Key will appear instead. Jump to the tutorial on creating an API Key.

...

  1. Select the API Key you want to associate with the new template created.

  2. Insert the password provided when creating the API Key.

  3. Callback: Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.

...

2. Create an API Key

Info

If you have already created an API Key, jump to the tutorial on how to test your template in the sandbox.

...

. If you already have API Keys, jump to Step 3.

...

2. Create an API Key

An API Key is a unique identifier and authentication key providing access to specific issuance and/or verification templates to your applications calling the Gataca Studio APIs.

Once you reach the end of creating an issuance template, you can select to add this template to an API Key. If you don’t have an API Key yet, you’ll have to create one in order to test your Template. The next steps show you how to create a new API Key.

On the left menu, click on API Keys.

...

Click on “New API Key” and set the basic configuration:

  • API Key Name: Choose an identifier for your API Key

  • DID: Select the DID associated with the new API Key. This will determine which administrators will have access to this API Key (only those with permissions to manage the corresponding DID).

  • SSI Operations: Select the credential issuance template you want to associate with this API Key from the SSI Operations dropdown.

...

You will be presented with the ID and password of the API Key created.

...

Panel
bgColor#F4F5F7

Make sure to store the API key password in a secure place. Once you close this tab, you will not be able to retrieve the password, you will only be able

...

to regenerate a new password. Learn how to regenerate a password here.

Anchor
Step3-Test-Verifier
Step3-Test-Verifier
3. Test it

...

Step 1: Associate an API Key to your Verification Template

Navigate to Verification templates on the left menu. Find the desired Verification template you would like to test and select click on the three dots, then click Edit.

...

Once the issuance verification template opens, on the top right, click on Try it.

...

Add to API Key.

...

Fill up the API Key information:

  1. Select API Key: Select an API Key you want to associate with the new template created.

  2. Password: Insert the password provided when creating the API Key. If you lost your password, you can regenerate a new password from the API Keys menu.

  3. Callback: This field is optional and not needed for testing purposes. Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.

...

...

Step 2: Link your wallet to your Sandbox

You need to link your Wallet with your Sandbox in order to test your Verification Template. If you have not yet linked your Wallet with your Sandbox, click the Scan Now button to access the QR Code to join your sandbox and scan it with your wallet. The sandbox will allow you to perform private and secure tests of the platform.Once .

Panel
bgColor#F4F5F7

You can skip to Step 3 (Generate a Testing QR) if you already linked your Wallet with your Sandbox

...

Scan the QR code with your Wallet.

...

You will see confirmation in Wallet if the connexion with your sandbox has been successful, .

...

Step 3: Generate a testing QR

Now click on Generating test. Scan and scan the QR code generated to start testing.

...

Scan the QR code with your Wallet.

...

Your Wallet will then ask for to share the requested credentials. ConsentClick on consent.

You will then be immediately connected to the service because your identity has been verified.

...

Step 4: Review authenticated users

As a verifier, you will be able to monitor and manage your verified users by clicking on Verified Users in the Verifications section. You can decide to delete a verified user, refusing to accept its access to your platform, by clicking on the bin icon next to the user.

...