The IronWeb SDK user namespace provides methods to act upon the currently authorized user.

Note: The SDK must be initialized before these methods can be called.


IronWeb.user.changePasscode(currentPassword, newPassword)

A user must enter their password to authorize a new device or reauthorize a device after the deauthorizeDevice method is called. Under the hood this generates a new key pair for the device and allows data to be decrypted by the device private key. Each time a user authorize a new device they must enter their password.

In the case that your users want to update their password, use the changePasscode method and pass in the user’s current password and the password they would like to change it to.


Parameter Name Value Description
currentPassword string The users current password value.
newPassword string The users new password value.


Returns a Promise that resolves when a user’s password change is successful. In the case that a user’s password is incorrect, the promise will reject.



The deauthorizeDevice method clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.

Device keys should be deauthorized every time a user logs out of your application in order to keep the authorization status in sync with your system.




Returns a Promise that will resolve when the targeted device keys are successfully cleared.