User
The IronWeb SDK
user
namespace provides methods to act upon the currently authorized user. Note: The SDK must be initialized before these methods can be called.
user.changePasscode()
IronWeb.user.changePasscode(currentPassword, newPassword)
A user must enter their password to authorize a new device or reauthorize a device after the
deauthorizeDevice
method is called. Under the hood this generates a new key pair for the device and allows data to be decrypted by the device private key. Each time a user authorizes a new device, they must enter their password.In the case that your users want to update their password, use the
changePasscode
method and pass in the user’s current password and the password they would like to change it to.Parameters
Parameter Name | Value | Description |
---|---|---|
currentPassword | string | The users current password value. |
newPassword | string | The users new password value. |
Response
Returns a Promise that resolves when a user’s password change is successful. In the case that a user’s password is incorrect, the promise will reject.
user.rotateMasterKey()
IronWeb.user.rotateMasterKey(password)
Rotate the current user's private key, but leave the public key the same. There's no black magic here! This is accomplished via multi-party computation with the IronCore webservice. Requires the users password to unlock the current user's current master private key. Calls to rotate the users key can be done at any time, regardless of whether the users record is currently flagged for rotation.
Parameters
Parameter Name | Value | Description |
---|---|---|
password | string | The users current password value. |
Response
Returns a Promise that resolves when a user’s master private key has been rotated. In the case that a user’s password is incorrect, the promise will reject.
user.deauthorizeDevice()
IronWeb.user.deauthorizeDevice()
The
deauthorizeDevice
method clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.Device keys should be deauthorized every time a user logs out of your application in order to keep the authorization status in sync with your system.
Parameters
None
Response
Returns a Promise that will resolve when the targeted device keys are successfully cleared.