User

The IronWeb SDK user namespace provides methods to act upon the currently authorized user.

A user must enter their password to authorize a new device or reauthorize a device after the deauthorizeDevice method is called. Under the hood this generates a new key pair for the device and allows data to be decrypted by the device private key. Each time a user authorizes a new device, they must enter their password.

In the case that your users want to update their password, use the changePasscode method and pass in the user’s current password and the password they would like to change it to.

Returns a Promise that resolves when a user’s password change is successful. In the case that a user’s password is incorrect, the promise will reject.

Rotate the current user's private key, but leave the public key the same. There's no black magic here! This is accomplished via multi-party computation with the IronCore webservice. Requires the users password to unlock the current user's current master private key. Calls to rotate the users key can be done at any time, regardless of whether the users record is currently flagged for rotation.

Returns a Promise that resolves when a user’s master private key has been rotated. In the case that a user’s password is incorrect, the promise will reject.

The deauthorizeDevice method clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.

Device keys should be deauthorized every time a user logs out of your application in order to keep the authorization status in sync with your system.

None

Returns a Promise that will resolve when the targeted device keys are successfully cleared.