Pluggable Verification

Introduction

Pluggable Verification is what enables the provision of custom verification methods instead of the default email confirmation process. This flow consists of two parts:

  • External verification - The Relying Party Application (RPA) creates their own unique verification flow based on their needs. Once the verification has passed, the RPA makes a request to the MIRACL platform to register an MPin Identity and receive an activation code for the given user.

  • User Registration - With the received activation code, the Client activates the user identity and finalizes the registration process on our platform.

sequenceDiagram Client ->+ RPA: Start verification process for userID RPA->+MIRACL: Generate MPin Identity and activation code MIRACL -->- RPA: mpinID, activation code RPA -->- Client: mpinID, activation code Client->+MIRACL: Initiate Registration with activation code MIRACL-->-Client: Client secret shares Client --> Client: Enter PIN Client --> Client: Complete identity registration

API Reference

  • POST /activate/initiate - Creates an MPin Identity and receives an activation token used to activate the identity during the registration process.

    Authorization: "Basic <base64(clientId:clientSecret)>"
    
    Payload: 
    {
        userId: string,
        deviceName: string
    }
    
    Response:
    {
        mpinId: string,
        hashMPinId: string,
        actToken: string,
        expireTime: integer
    }
    
  • PUT /rps/v2/user - Activates an identity using the given activation code and receives identity information.

    Payload:
    {
        userId: string,
        deviceName: string,
        activateCode: string
    }
    
    Response:
    {
        active: boolean,
        appId: string
        customerId: string,
        expireTime: integer,
        mpinId: string,
        nowTime: integer,
        regOTT: string
    }