cipher
Page tree

Versions Compared

Old Version 8

changes.mady.by.user Pooja

Saved on

compared with

New Version 9

changes.mady.by.user Seema

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Div
classdeveloper-cookbook-inner-page-title
HTML Table
classtagline-page-title
Table Row (tr)
Table Cell (td)
classtitle-text

Instructions Learn about how to generate the SDK authentication token.

Fusion allows you to integrate your servers with SDK based on the authentication . SDK authentication involves the generation of authentication token with custom attributes. You can use this token to authenticate the Fusion API calls on token on both Android and iOS platforms.To begin with the Cipher SDK integration, you are required to go through an authentication process. This process involves a pre-exchange of asymmetric keys between the SDK framework and your servers. A private key is responsible   The token generation process involves generating and configuring the key-pair. The private key of the key-pair is responsible for signing the authentication token. 

About Maven repository

In general, a Maven repository holds build artifacts and dependencies of varying types. The maven repositories are of two types such as local and remote.

  • The local repository is a directory on the computer where Maven runs.
  • A remote repository is accessible externally by using a variety of protocols such as file:// and https://.

Local and remote repositories are structured the same way so that scripts can run on either side, or they can be synced for offline use. However, the layout of the repositories is completely transparent to any Maven user.

Before you begin

Take care of the following prerequisites before you move to SDK authentication process:

  1. Add the following Maven repository URLs in the POM file of your project.

    Code Block
    themeMidnight
    titleMaven repositories
    linenumberstrue
    maven{url 'https<project>
...
 <repositories>
 <repository>
 <id>apollo-maven</id>
 <name>Apollo maven</name>
 <url>https://apollo-maven.corp.zeta.in/nexus/content/repositories/releases/'}
maven{url 'https</url>
 </repository>
 <repository>
 <id>apollo-maven-snapshots</id>
 <name>Apollo maven snapshot</name>
 <url>https://apollo-maven.corp.zeta.in/nexus/content/repositories/snapshots/'}</url>
 </repository>
 </repositories>
...
</project>

  2. Add the following dependenciesin your project.

    Code Block
    themeMidnight
    titleDependencies
    linenumberstrue
    <groupId>in.zeta.apollo</groupId>
<artifactId>tenant-commons</artifactId>
<version>1.1</version>

  3. The private key along with token generation logic is shared with you through email.

How to generate an authentication token?

The SDK authentication process involves generation of authentication token with a configurable set of claims. This token must be generated on the server-side as it involves signing the data with a private key. The private key authentication token must never be compromisedbe generated and passed on to the SDK during runtime.

Info
  • The private key along with token generation logic is shared with you through email.
    • We recommend updating

    We recommend the following to be taken care during authentication token generation:

    • Keep the private key confidential. Therefore, the token generation logic should sit in the backend.
    • Update the token at every app launch. This ensures hassle-free creation of auth resource by the SDK authentication token whenever needed.
    • Always send a non-expired token while requesting authentication.
    Code Block
    themeMidnight
    titleJWT token generation
    linenumberstrue
    String jwtToken = AsymmetricJwtTokenGenerator.generateJWT(
				  <<issuerId>>,
                  <<base64EncodedPrivateKey>>,
                  <<algorithm>>,
                  <<claims>>,
                  <<expiryEpochTimeInMilliseconds>>);


    Parameter description

    • issuerID: Unique identifier of the issuer. An issuer can be a company or a business domain. For example, Zeta.
    • base64EncodedPrivatekey: A private key associated with the SDKof the key-pair generated during SDK authentication process. It is responsible for signing the data for the authentication token  generation.
    • algorithm: Algorithm used for key-pair generation. Currently, the key-pair used for signature is ECC urrently, we support EC algorithm.
    • expiryEpochTimeInMilliseconds: Expiration Expiration time of the token. This time is mentioned as an epoch time in milliseconds. 

    • claims: An element to support the dynamic string substitution featureClaims are statements based on declarations made by the

      Span
      idtenant
      classtooltip

      tenant

      in authentication token. You can add the claims in the SDK integration with Object type Map<String, Object>.

      Tooltip
      idtenant
      textA tenant is a fintech or organization onboarded with Zeta.
      directionSW

      Code Block
      themeMidnight
      titleSample Map for claims
      linenumberstrue
      {
	'tenantUniqueVectorId': '<unique identifier for the app user>'
}


      tenantUniqueVectorId: Unique identifier of the tenantUniqueVector generated by the

      Spanid

      tenant

      classtooltip

      tenant.

      This is the same ID that was earlier verified by the Zeta system during the registration.

      Tooltip
      idtenant
      textA tenant is a fintech or organization onboarded with Zeta.
      directionSW

      This ID and the signature are verified during generation of authentication token.

    Panel
    Div
    classalignLeftIcon

    On this page:

    Table of Contents

    Div
    classhelp-box

    Need Help?

    Drop a mail at fusion-support@zeta.tech or call us on 080-6690 5995.