Comment on page
Services Storage and Interoperability
This section describes how HyperID serves as a secure storage solution for services, enabling them to store and retrieve user data
HyperID serves as a secure storage solution for services, allowing them to store user data with confidence. HyperID provides a robust key/value approach that enables services to store data for their own use within a secure environment.
This feature ensures that services can securely and conveniently access stored data whenever needed, all while maintaining compliance with regulatory standards.
In today's interconnected digital landscape, services often require secure communication and data exchange with one another without the need to invest significant effort and resources in developing communication protocols and custom integrations.
HyperID offers an elegant solution by serving as a standard communication method, facilitating interactions between services. Whether one service needs to store user data securely in HyperID's storage or another intends to retrieve it later for its own use, HyperID streamlines the process, ensuring efficient and secure data handling between services.
HyperID acts as an intermediary, empowering users to maintain control over their data, whether a service stores it for its own use or for another service. This user-centric approach ensures that users always have the final say regarding data access. Users can dictate who has access to their data, thereby ensuring compliance with regulatory standards.
To access and modify data, services must acquire specific scopes during the authorization process (such as 'user-data-set' and 'user-data-get' scopes). These scopes grant services the privileges to read and write data on behalf of users. However, users retain the power to revoke these scopes, effectively revoking the service's ability to read and/or write data.
This dynamic control mechanism empowers users to manage data access and ensures that services only operate with the permissions granted by the user.
It's important to emphasize that data stored in HyperID is expected to be encrypted. HyperID itself does not have access to the encryption keys, ensuring that the data remains private and accessible only to authorized parties with the requisite encryption keys. This added layer of security safeguards the data from unauthorized access, including HyperID.
To implement encryption, services can either utilize their own key infrastructure or take advantage of HyperID's Public Key Infrastructure (PKI) combined with the Elliptic Curve Diffie-Hellman (ECDH) key exchange method. Alternatively, services can opt for any other trusted encryption method of their preference.
Regardless of the chosen method, it is imperative to ensure that the key generation (and exchange process in case of interoperability) is executed with utmost security. This precaution guarantees that only the intended data recipient possesses the encryption keys required to decrypt the user's data.
HyperID offers two key API requests:
These requests facilitate the interaction between services and the HyperID platform. Requests enable services to efficiently manage and retrieve user-specific data, enhancing the overall user experience and data security.
Below, you'll find detailed descriptions and code samples for these requests to help you seamlessly integrate these features into your application.