Libraries tagged by user-identities
yiisoft/user
142541 Downloads
Convenient user identity management and access checking
passbase/passbase-php
36980 Downloads
# Introduction Welcome to the Passbase Verifications API docs. This documentation will help you understand our models and the Verification API with its endpoints. Based on this you can build your own system (i.e. verification) and hook it up to Passbase. In case of feedback or questions you can reach us under this email address: [[email protected]](mailto:[email protected]). A User submits a video selfie and valid identifying __Resources__ during a __Verification__ guided by the Passbase client-side integration. Once all the necessary __Resources__ are submitted, __Data points__ are extracted, digitized, and authenticated. These Data points then becomes part of the User's __Identity__. The User then consents to share __Resources__ and/or __Data points__ from their Identity with you. This information is passed to you and can be used to make decisions about a User (e.g. activate account). This table below explains our terminology further. | Term | Description | |-----------------------------------------|-------------| | [Identity](#tag/identity_model) | A set of Data points and Resources related to and owned by one single User. This data can be accessed by you through a Verification. | | Data points | Any data about a User extracted from a Resource (E.g. Passport Number, or Age). | | [Resource](#tag/resource_model) | A source document used to generate the Data points for a User (E.g. Passport). | | [User](#tag/user_model) | The owner of an email address associated with an Identity. | | Verification | A transaction through which a User consents to share Data points with you. If the Data points you request are not already available in the User's Identity, the Passbase client will ask the User to submit the necessary Resource required to extract them. | | Re-authentication (login) | A transaction through which a User can certify the ownership of Personal data previously shared through an Authentication. | # Authentication There are two forms of authentication for the API: • API Key • Bearer JWT Token
foundata/identity_from_directory
318 Downloads
Populate and maintain user identities automatically on each login, based on corresponding LDAP or Active Directory user data.
natureshadow/user_identities_oidc
73 Downloads
Populates a user's identities from their userinfo after OAuth/OIDC login
foundata/identity_from_config
20 Downloads
Populate and maintain user identities automatically on each login, based on corresponding data from a static config file.
agednerd/laravel-masquerade
5 Downloads
Securely assume another user's identity in modern Laravel applications.
realconnex/user-identity
185 Downloads
Realconnex user identity library.
chuoke/laravel-user-identities
13 Downloads
Multi-auth identities for Laravel: decouple auth data from your users table.
alphanoob1337/postfixadmin_user_identities
6 Downloads
The user identities are created and updated from a postfixAdmin database.
mastersteelblade/discriminator
10 Downloads
A simple package to handle basic discriminator manipulation for user management.
piko/user
76 Downloads
A lightweight user session manager to login/logout and retrieve user identity.
konfig/dojah-php-sdk
38 Downloads
Use Dojah to verify, onboard and manage user identity across Africa!
haoc/opentelemetry-laravel
13 Downloads
HAOC OpenTelemetry instrumentation for Laravel — traces, logs, user identity, and infrastructure tracking
daphascomp/daphascompsms
2 Downloads
# Authentication Requests made to our APIs must be authenticated, there are two ways to do this: 1. Authenticating using your API apiUsername and apiPassword - `Basic Auth` 2. Authenticating using an Auth Token - `Bearer Token` ## Method 1: Basic Auth Basic Authentication is a method for an HTTP user agent (e.g., a web browser) to provide a apiUsername and apiPassword when making a request. When employing Basic Authentication, users include an encoded string in the Authorization header of each request they make. The string is used by the request’s recipient to verify users’ identity and rights to access a resource. The Authorization header follows this format: > Authorization: Basic base64(apiUsername:apiPassword) So if your apiUsername and apiPassword are `onfon` and `!@pas123`, the combination is `onfon:!@pas123`, and when base64 encoded, this becomes `b25mb246IUBwYXMxMjM=`. So requests made by this user would be sent with the following header: > Authorization: Basic b25mb246IUBwYXMxMjM= | Description | | ---------------------------------------------------------------------------------------------- | | **apiUsername** `String` `Required` Your onfon account apiUsername, retrieved from portal | | **apiPassword** `String` `Required` Your onfon account apiPassword, retrieved from portal | ## Method 2: Bearer Tokens This authentication stategy allows you to authenticate using JSON Web Token ``JWT` that will expire after given duration. Each Access Token is a `JWT`, an encoded JSON object with three parts: the `header`, the `payload`, and the `signature`. The following is an example Access Token generated for Conversations > Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c ### Getting the token To generate the token, make a `POST` request to `/v1/authorization` endpoint with your `apiUsername` and `apiPassword` This request should be made from your server and not on the client side such as browser or mobile environment. You will receive a JSON similar to below: `{ "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", "validDurationSeconds": 3600}` You can use the token received to make API calls. The token will be valid for value of `validDurationSeconds`, before which you should generate a new token. #### Request Body ``` { "apiUsername": "root", "apiPassword": "hakty11" } ``` #### Response Body ``` { "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", "validDurationSeconds": 3600 } ``` #### Example Curl ``` curl --location --request POST 'https://apis.onfonmedia.co.ke/v1/authorization' \ --data-raw '{ "apiUsername": "correctapiUsername", "apiPassword": "correctapiPassword" } ``` #### Making an API call You will be required to pass the token in `Authorization` header prefixed by `Bearer` when calling other endpoints. Example `Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c`
ashpie/identity_db
10 Downloads
Updates user's identities on login based on a database query. Some update rules are configurable.