User

The IronNode SDK user namespace provides methods to interact with users that have been synced from your identity provider to IronCore. The SDK object in the examples below refers to the object that is returned once the initialization Promise has been resolved.

user.getPublicKey()

SDK.user.getPublicKey(userList)

Gets the list of user public keys given their provided IDs.

Parameters

Parameter NameValueDescription
userListstring | string[]Single or list of user IDs to retrieve public keys for.

Response

Returns a Promise which resolves with a map from the requested user IDs to their public key. If any requested user ID does not exist, its value will be null.

{
    "userID1": {"x": string, "y": string},
    "userID2": {"x": string, "y": string},
    "userID3": null //User does not exist
}

user.listDevices()

SDK.user.listDevices()

Get a list of all the users devices. Note that items returned from this API only mean that the device public key and transform key are still stored and active within the IronCore database. The associated private device key might no longer exist and be usable. Whenever deleting a local private device key, it's best to invoke the user.deleteDevice() {class="code"} method to keep device status consistent.

Parameters

None

Response

Returns a Promise which resolves with a list of the users devices and includes the ID, optional name, and created and updated times.

{
    "result": [
        {
            "id": number,
            "name": string | undefined,
            "created": string, //RFC 3339 formatted
            "updated": string //RFC 3339 formatted
        }
    ]
}

user.deleteDevice()

SDK.user.deleteDevice([deviceID])

Delete a device given its ID. Requests to the SDK using the deleted device keys will no longer work and the IronNode.User.generateDeviceKeys() method will need to be called to generate a new set of device keys.

Parameters

Parameter NameValueDescription
[deviceID]numberID of the device to delete. If not provided the device that is currently in use will be deleted and no SDK methods will work until it has been re-initialized.

Response

Returns a Promise which resolves with an object that shows the ID of the device that was successfully deleted.

{
    "id": number
}

user.rotateMasterKey()

SDK.user.rotateMasterKey(password)

Rotate the current user's private key, but leave the public key the same. There's no black magic here! This is accomplished via multi-party computation with the IronCore webservice. User key rotation can occur at any time but should be done whenever a users account is flagged as needing rotation.

Parameters

Parameter NameValueDescription
passwordstringThe users private key decryption password that was set at user creation time.

Response

Returns a Promise which resolves with an object that contains a flag that is true if additional key rotation is needed.

{
    "needsRotation": boolean
}

user.changePassword()

SDK.user.changePassword(currentPassword, newPassword)

Change a user's master private key escrow password.

Parameters

Parameter NameValueDescription
currentPasswordstringThe user's current private key escrow password
newPasswordstringThe user's new private key escrow password

Response

Returns a Promise which resolves with no value when the password has successfully been changed.

Features

We Are For

Trust Center

Contact Us

Follow Us