HiveAuth
Search…
HiveAuth
Introduction
Support
Developer documentation
Protocol description
HAS for Applications
HAS for Wallets (PKSA)
Connection
Authentication
Authentication payload
Server encryption key Retrieval
Account registration
Authentications request
Feedback to user
Authentication approval
Authentication refusal
Errors
Transactions
Challenge
Tutorials
App code example
PKSA code example
Resources
Applications
Materials
Powered By GitBook
Authentication payload
To secure the communication between the application and the PKSA, they need to share some offline information NOT transmitted over the Internet that we will refer to as auth_req_payload. That information will not available to the HAS.
It can be provided to the PKSA through a QR code that is displayed by the app and manually scanned by the user, or by using a deep-link when on mobile.
The auth_req_payload has the following structure:

auth_req_payload

1
{
2
account: string
3
uuid: string,
4
key: string,
5
host: string
6
}
Copied!
Properties
  • account: the username of the account performing the authentication.
  • uuid: the request identifier received with the auth_wait reply.
  • key: an app-generated encryption key (we recommend using an uuid)
  • host: URL of the HAS server to connect to (ex: "wss://has.hiveauth.com")
With this information, the PKSA knows which host to connect to and which account it should register. It also knows it should receive an authentication request with a specific request identifier (uuid). Finally, it now owns a session encryption key (auth_key) that will be used to secure the authentication process and communication.
The PKSA should connect to the provided host and ask for the host encryption key
Previous
Authentication
Next
Server encryption key Retrieval
Last modified 5mo ago
Copy link
Contents
auth_req_payload