...
Check the video to see the whole flow. Below, you can see the step-by-step tutorial on creating a single-sign-on authentication process based on verifiable credentials.
...
1. Create a Verification Template
Verification templates are used to define identity verification requirements that can then be integrated with different applications.
...
Creating an Issuance template involves a 4-step process:
Step 1: Basic configuration
Verification template identifier - Name the verification template
The first step is to select your verification template name.
...
Click on Create app button to define the remaining configuration variables:
...
Select DID method
You will have to select which DID you want to state as the Verifier.
...
| Info |
|---|
QR Code viewing duration - How much time before the QR code expires?
QR Code viewing duration is the amount of time available for users to scan the QR code in seconds. After this time, the user will need to reload the page to get a new QR code.
...
Why do QR codes expire? Each QR code includes a unique session ID to uniquely identify the user’s authentication request. Sessions cannot be reused or used twice for security reasons.
Consent duration - How much time should my company store and process data shared by users?
Amount of time your organization desires to store and process data shared by users in days.
...
When the consent duration has been reached, the user data will be deleted from your Studio account.
Service description - What to include in the service description?
Include briefly all relevant information about the service you provide and for which the user is requesting access.
...
Step 2: Requested Credentials
What credentials should I request from the user?
In this step, you define which personal information (in the form of verifiable credentials) is necessary for you to verify your user. Users will need to make sure they have these credentials in their wallets before requesting access to your services.
...
Scroll the list and tick those credentials you want to select or use the search bar on top.
...
Define required and optional credentials
Required credentials mean that the information is mandatory to comply with your authentication process. Any other nice-to-have information should be marked as optional.
Select those that will be required or will remain optional from the list of credentials you will be requesting.
...
Step 3: Constraints
Credential trust level - How to determine which credentials are trusted?
In this section, you will determine if the credentials you request from the user for authentication purposes need to be trusted.
...
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
Trusted Credentials are those whose Issuer is registered in Gataca’s Public Issuer Registry Unless your subscription tier allows you to request your DIDs to be registered in Gataca’s Public Issuer Registry, Credentials issued by you will not be trusted. Make sure you don’t require your issued credentials to be trusted for authentication purposes. |
Credential data agreement - How to select the credential purpose
In this section, you will determine the reason why you are requesting the previously required credentials from your users. This will be shown to your users.
...
Security configuration
In this last section, you’ll define the extra security mechanisms, such as 2FA via biometrics, OTPs, or in-app authentication.
The available security methods will depend on your subscription.
...
Step 4: Successful configuration
Once you finish the configuration of a Verification Template, you’ll see confirmation that the process has been successfully saved. You are now ready to test your Verification Template by adding it to an API Key.
| Panel | ||
|---|---|---|
| ||
If this is your first template, the creation of an API Key will appear. If you already have API Keys, jump to Step 3. |
...
2. Create an API Key
An API Key is a unique identifier and authentication key providing access to specific issuance and/or verification templates to your applications calling the Gataca Studio APIs.
...
| Panel | ||
|---|---|---|
| ||
Make sure to store the API key password in a secure place. Once you close this tab, you will not be able to retrieve the password, you will only be able to regenerate a new password. Learn how to regenerate a password here. |
| Anchor | ||||
|---|---|---|---|---|
|
Step 1: Associate an API Key to your Verification Template
Navigate to Verification templates on the left menu. Find the desired Verification template you would like to test and, click on the three dots, then click Edit.
...
Select API Key: Select an API Key you want to associate with the new template created.
Password: Insert the password provided when creating the API Key. If you lost your password, you can regenerate a new password from the API Keys menu.
Callback: This field is optional and not needed for testing purposes. Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.
...
Step 2: Link your wallet to your Sandbox
You need to link your Wallet with your Sandbox to test your Verification Template. If you have not yet linked your Wallet with your Sandbox, click the Scan Now button to access the QR Code to join your sandbox and scan it with your wallet. The sandbox will allow you to perform private and secure tests of the platform.
...
You will see confirmation in Wallet if the connexion with your sandbox has been successful.
...
Step 3: Generate a testing QR
Now click on Generating test and scan the QR code generated to start testing.
...
You will then be immediately connected to the service because your identity has been verified.
...
Step 4: Review authenticated users
As a verifier, you will be able to monitor and manage your verified users by clicking on Verified Users in the Verifications section. You can decide to delete a verified user refusing to accept its access to your platform by clicking on the bin icon next to the user.
...