- Docs
- Data Control Platform
- SDKs
- JavaScript
- User
User
The IronWeb SDK user namespace provides methods to act upon the currently authorized user.
Note: The SDK must be initialized before these methods can be called.
user.changePasscode()
IronWeb.user.changePasscode(currentPassword, newPassword)
A user must enter their password to authorize a new device or reauthorize a device after the deauthorizeDevice method is called. Under the hood this generates a new key pair for the device and allows data to be decrypted by the device private key. Each time a user authorizes a new device, they must enter their password.
In the case that your users want to update their password, use the changePasscode method and pass in the user’s current password and the password they would like to change it to.
Parameters
| Parameter Name | Value | Description |
|---|---|---|
currentPassword | string | The users current password value. |
newPassword | string | The users new password value. |
Response
Returns a Promise that resolves when a user’s password change is successful. In the case that a user’s password is incorrect, the promise will reject.
user.rotateMasterKey()
IronWeb.user.rotateMasterKey(password)
Rotate the current user’s private key, but leave the public key the same. There’s no black magic here! This is accomplished via multi-party computation with the IronCore webservice. Requires the users password to unlock the current user’s current master private key. Calls to rotate the users key can be done at any time, regardless of whether the users record is currently flagged for rotation.
Parameters
| Parameter Name | Value | Description |
|---|---|---|
password | string | The users current password value. |
Response
Returns a Promise that resolves when a user’s master private key has been rotated. In the case that a user’s password is incorrect, the promise will reject.
user.deauthorizeDevice()
IronWeb.user.deauthorizeDevice()
The deauthorizeDevice method clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.
Device keys should be deauthorized every time a user logs out of your application in order to keep the authorization status in sync with your system.
Parameters
None
Response
Returns a Promise that will resolve when the targeted device keys are successfully cleared.
user.deleteDevice()
IronWeb.user.deleteDevice(deviceId?)
The deleteDevice method revokes access for a given device’s keys. If given no arguments it clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.
This is useful when a user knows one of their own devices they don’t have access to is compromised or they need to log out of their current device.
Parameters
| Parameter Name | Value | Description |
|---|---|---|
deviceId | `number | undefined` |
Response
Returns a Promise that will resolve with the ID of the device deleted.
user.deleteDeviceByPublicSigningKey()
IronWeb.user.deleteDeviceByPublicSigningKey(devicePublicSigningKey)
The deleteDeviceByPublicSigningKey method revokes access for a given device’s keys, given the public signing key of that device.
This is useful when a user knows one of their own devices they don’t have access to is compromised.
Parameters
| Parameter Name | Value | Description |
|---|---|---|
devicePublicSigningKey | string | Public signing key of the current user’s device to delete. |
Response
Returns a Promise that will resolve with the ID of the device deleted.
user.listDevices()
IronWeb.user.listDevices()
The listDevices method lists all of the devices that exist for the currently logged in user.
Parameters
None
Response
If successful this method will resolve with an array of devices and information about them.
JSON{ "result": [ { "id": number, "name": string | null, "created": string, "updated": string, "publicSigningKey": string, "isCurrentDevice": boolean } ] }