1. Docs

User

The IronWeb SDK user namespace provides methods to act upon the currently authorized user.

Note: The SDK must be initialized before these methods can be called.

user.changePasscode()

IronWeb.user.changePasscode(currentPassword, newPassword)

A user must enter their password to authorize a new device or reauthorize a device after the deauthorizeDevice method is called. Under the hood this generates a new key pair for the device and allows data to be decrypted by the device private key. Each time a user authorizes a new device, they must enter their password.

In the case that your users want to update their password, use the changePasscode method and pass in the user’s current password and the password they would like to change it to.

Parameters

Parameter Name Value Description
currentPassword string The users current password value.
newPassword string The users new password value.

Response

Returns a Promise that resolves when a user’s password change is successful. In the case that a user’s password is incorrect, the promise will reject.

user.rotateMasterKey()

IronWeb.user.rotateMasterKey(password)

Rotate the current user’s private key, but leave the public key the same. There’s no black magic here! This is accomplished via multi-party computation with the IronCore webservice. Requires the users password to unlock the current user’s current master private key. Calls to rotate the users key can be done at any time, regardless of whether the users record is currently flagged for rotation.

Parameters

Parameter Name Value Description
password string The users current password value.

Response

Returns a Promise that resolves when a user’s master private key has been rotated. In the case that a user’s password is incorrect, the promise will reject.

user.deauthorizeDevice()

IronWeb.user.deauthorizeDevice()

The deauthorizeDevice method clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.

Device keys should be deauthorized every time a user logs out of your application in order to keep the authorization status in sync with your system.

Parameters

None

Response

Returns a Promise that will resolve when the targeted device keys are successfully cleared.

user.deleteDevice()

IronWeb.user.deleteDevice(deviceId?)

The deleteDevice method revokes access for a given device’s keys. If given no arguments it clears the keys that are generated for that specific browser instance, essentially revoking access to encrypted data from this browser.

This is useful when a user knows one of their own devices they don’t have access to is compromised or they need to log out of their current device.

Parameters

Parameter Name Value Description
deviceId `number undefined`

Response

Returns a Promise that will resolve with the ID of the device deleted.

user.deleteDeviceByPublicSigningKey()

IronWeb.user.deleteDeviceByPublicSigningKey(devicePublicSigningKey)

The deleteDeviceByPublicSigningKey method revokes access for a given device’s keys, given the public signing key of that device.

This is useful when a user knows one of their own devices they don’t have access to is compromised.

Parameters

Parameter Name Value Description
devicePublicSigningKey string Public signing key of the current user’s device to delete.

Response

Returns a Promise that will resolve with the ID of the device deleted.

user.listDevices()

IronWeb.user.listDevices()

The listDevices method lists all of the devices that exist for the currently logged in user.

Parameters

None

Response

If successful this method will resolve with an array of devices and information about them.

JSON
{ "result": [ { "id": number, "name": string | null, "created": string, "updated": string, "publicSigningKey": string, "isCurrentDevice": boolean } ] }

Was this page helpful?