passkeyType
Example passkey:
- JavaScript
- Kotlin
- Swift
- React Native
- Flutter
/**
* A Universal Passkey is a public and private key pair. The private key is
* generated and stored securely on the device's TEE. The public key is sent
* to the Beyond Identity cloud. The private key cannot be tampered with,
* viewed, or removed from the device in which it is created unless the user
* explicitly indicates that the trusted device be removed. Passkeys are
* cryptographically linked to devices and an Identity. A single device can
* store multiple passkeys for different users and a single Identity can have
* multiple passkeys.
*/
export interface Passkey {
/** The globally unique identifier of the passkey. */
id: string;
/**
* The time when this passkey was created locally. This could be different
* from "created" which is the time when this passkey was created on
* the server.
*/
localCreated: string;
/**
* The last time when this passkey was updated locally. This could be
* different from "updated" which is the last time when this passkey
* was updated on the server.
*/
localUpdated: string;
/** The base url for all binding & auth requests */
apiBaseUrl: string;
/** Associated key handle */
keyHandle: KeyHandle;
/**
* KeyType indicates where the key was created. This can be either "subtle"
* or "webauthn".
*/
keyType?: KeyType;
/** The current state of this passkey */
state: "Active" | "Revoked";
/** The time this passkey was created. */
created: string;
/** The last time this passkey was updated */
updated: string;
/** Tenant information associated with this passkey */
tenant: Tenant;
/** Realm information associated with this passkey */
realm: Realm;
/** Identity information associated with this passkey */
identity: Identity;
/** Theme information associated with this passkey */
theme: Theme;
}
/**
* Realm information associated with a `Passkey`. A Realm is a unique
* administrative domain within a `Tenant`. Some Tenants will only need
* the use of a single Realm, in this case a Realm and a Tenant may seem
* synonymous. Each Realm contains a unique set of Directory, Policy, Event,
* Application, and Branding objects.
*/
export interface Realm {
id: string;
displayName: string;
}
/**
* Identity information associated with a `Passkey`. An Identity is a unique
* identifier that may be used by an end-user to gain access governed by
* Beyond Identity. An Identity is created at the Realm level. An end-user
* may have multiple identities. A Realm can have many Identities.
*/
export interface Identity {
id: string;
displayName: string;
username: string;
primaryEmailAddress?: string;
}
/**
* Theme associated with a `Passkey`.
*/
export interface Theme {
logoUrlLight: string;
logoUrlDark: string;
supportUrl: string;
}
/**
* Tenant information associated with a `Passkey`. A Tenant represents an
* organization in the Beyond Identity Cloud and serves as a root container
* for all other cloud components in your configuration.
*/
export interface Tenant {
id: string;
displayName: string;
}
/**
* A Universal Passkey is a public and private key pair. The private key is generated, stored, and never leaves the user's devices' hardware root of trust (i.e. Secure Enclave).
* The public key is sent to the Beyond Identity cloud. The private key cannot be tampered with, viewed, or removed from the device in which it is created unless the user explicitly indicates that the trusted device be removed.
* Passkeys are cryptographically linked to devices and an Identity. A single device can store multiple passkeys for different users and a single Identity can have multiple passkeys.
*
* @property id The Globally unique ID of this passkey.
* @property localCreated The time when this passkey was created locally. This could be different from "created" which is the time when this passkey was created on the server.
* @property localUpdated The last time when this passkey was updated locally. This could be different from "updated" which is the last time when this passkey was updated on the server.
* @property apiBaseUrl The base url for all binding & auth requests
* @property keyHandle Associated key handle.
* @property state The current state of this passkey
* @property created The time this passkey was created.
* @property updated The last time this passkey was updated.
* @property tenant Tenant information associated with this passkey.
* @property realm Realm information associated with this passkey.
* @property identity Identity information associated with this passkey.
* @property theme Theme information associated with this passkey
*/
data class Passkey(
val id: PasskeyId,
val localCreated: String,
val localUpdated: String,
val apiBaseUrl: String,
val keyHandle: KeyHandle,
val state: State,
val created: String,
val updated: String,
val tenant: Tenant,
val realm: Realm,
val identity: Identity,
val theme: Theme,
) {
companion object {
fun from(coreAuthNCredential: AuthNCredentialResponse) =
Passkey(
id = coreAuthNCredential.id,
localCreated = coreAuthNCredential.localCreated,
localUpdated = coreAuthNCredential.localUpdated,
apiBaseUrl = coreAuthNCredential.apiBaseUrl,
keyHandle = coreAuthNCredential.keyHandle,
state = State.from(coreAuthNCredential.state),
created = coreAuthNCredential.created,
updated = coreAuthNCredential.updated,
tenant = Tenant(
id = coreAuthNCredential.tenantId,
displayName = coreAuthNCredential.tenant.displayName,
),
realm = Realm(
id = coreAuthNCredential.realmId,
displayName = coreAuthNCredential.realm.displayName,
),
identity = Identity(
id = coreAuthNCredential.identityId,
displayName = coreAuthNCredential.identity.displayName,
username = coreAuthNCredential.identity.username,
primaryEmailAddress = coreAuthNCredential.identity.primaryEmailAddress,
),
theme = Theme(
logoLightUrl = coreAuthNCredential.theme.logoUrlLight,
logoDarkUrl = coreAuthNCredential.theme.logoUrlDark,
supportUrl = coreAuthNCredential.theme.supportUrl,
),
)
}
}
/**
* The The unique identifier of the Realm.
*/
typealias RealmId = String
/**
* The The unique identifier of the Tenant.
*/
typealias TenantId = String
/**
* The The unique identifier of the Identity.
*/
typealias IdentityId = String
/**
* The Globally unique ID of a passkey.
*/
typealias PasskeyId = String
/**
* Associated key handle.
*/
typealias KeyHandle = String
/**
* State of a given [Passkey].
*/
enum class State {
/**
* Passkey is active
*/
ACTIVE {
override fun toString(): String {
return "active"
}
},
/**
* Passkey is revoked
*/
REVOKED {
override fun toString(): String {
return "revoked"
}
};
companion object {
fun from(state: String): State =
when (state.lowercase()) {
"active" -> ACTIVE
"revoked" -> REVOKED
else -> throw Exception("Cannot initialize State from invalid String value $state")
}
}
}
/**
* Tenant information associated with a [Passkey].
* A Tenant represents an organization in the Beyond Identity Cloud and serves as a root container for all other cloud components in your configuration.
*
* @property id The unique identifier of the tenant.
* @property displayName The display name of the tenant.
*/
data class Tenant(
val id: TenantId,
val displayName: String,
)
/**
* Realm information associated with a [Passkey].
* A Realm is a unique administrative domain within a `Tenant`.
* Some Tenants will only need the use of a single Realm, in this case a Realm and a Tenant may seem synonymous.
* Each Realm contains a unique set of Directory, Policy, Event, Application, and Branding objects.
*
* @property id The unique identifier of the realm.
* @property displayName The display name of the realm.
*/
data class Realm(
val id: RealmId,
val displayName: String,
)
/**
* Identity information associated with a [Passkey].
* An Identity is a unique identifier that may be used by an end-user to gain access governed by Beyond Identity.
* An Identity is created at the Realm level.
* An end-user may have multiple identities. A Realm can have many Identities.
*
* @property id The unique identifier of the identity.
* @property displayName The display name of the identity.
* @property username The username of the identity.
* @property primaryEmailAddress The primary email address of the identity.
*/
data class Identity(
val id: IdentityId,
val displayName: String,
val username: String,
val primaryEmailAddress: String?,
)
/**
* Theme associated with a [Passkey].
*
* @property logoLightUrl URL for resolving the logo image in light mode.
* @property logoDarkUrl URL for resolving the logo image in dark mode.
* @property supportUrl URL for customer support portal.
*/
data class Theme(
val logoLightUrl: String,
val logoDarkUrl: String,
val supportUrl: String,
)
/// A Universal Passkey is a public and private key pair. The private key is generated, stored, and never leaves the [Secure Enclave](https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/web).
/// The public key is sent to the Beyond Identity cloud. The private key cannot be tampered with, viewed, or removed from the device in which it is created unless the user explicitly indicates that the trusted device be removed.
/// Passkeys are cryptographically linked to devices and an Identity. A single device can store multiple passkeys for different users and a single Identity can have multiple passkeys.
public struct Passkey: Equatable, Identifiable, Hashable {
/// The globally unique identifier of the passkey.
public let id: Id
/// The time when this passkey was created locally. This could be different from "created" which is the time when this passkey was created on the server.
public let localCreated: Date
/// The last time when this passkey was updated locally. This could be different from "updated" which is the last time when this passkey was updated on the server.
public let localUpdated: Date
/// The base url for all binding & auth requests
public let apiBaseUrl: URL
/// Associated key handle.
public let keyHandle: KeyHandle
/// The current state of this passkey
public let state: State
/// The time this passkey was created.
public let created: Date
/// The last time this passkey was updated.
public let updated: Date
/// Tenant information associated with this passkey.
public let tenant: Tenant
/// Realm information associated with this passkey.
public let realm: Realm
/// Identity information associated with this passkey.
public let identity: Identity
/// Theme information associated with this passkey
public let theme: Theme
public init(
id: Passkey.Id,
localCreated: Date,
localUpdated: Date,
apiBaseUrl: URL,
keyHandle: KeyHandle,
state: Passkey.State,
created: Date,
updated: Date,
tenant: Tenant,
realm: Realm,
identity: Identity,
theme: Theme
){
self.id = id
self.localCreated = localCreated
self.localUpdated = localUpdated
self.apiBaseUrl = apiBaseUrl
self.keyHandle = keyHandle
self.state = state
self.created = created
self.updated = updated
self.tenant = tenant
self.realm = realm
self.identity = identity
self.theme = theme
}
}
extension Passkey {
/// The globally unique identifier of the passkey.
public struct Id: Equatable, Hashable, Codable {
public let value: String
public init(_ value: String) {
self.value = value
}
}
}
extension Passkey {
/// State of a given `Passkey`.
@frozen
public enum State: String, CaseIterable, Equatable, Hashable {
/// Passkey is active
case active
/// Passkey is revoked
case revoked
}
}
/// An Associated key handle.
public struct KeyHandle: Equatable, Hashable {
/// string value for the `KeyHandle`
public let value: String
public init(_ value: String) {
self.value = value
}
}
/**
* A Universal Passkey is a public and private key pair. The private key is generated, stored, and never leaves the user’s devices’ hardware root of trust (i.e. Secure Enclave).
* The public key is sent to the Beyond Identity cloud. The private key cannot be tampered with, viewed, or removed from the device in which it is created unless the user explicitly indicates that the trusted device be removed.
* Passkeys are cryptographically linked to devices and an Identity. A single device can store multiple passkeys for different users and a single Identity can have multiple passkeys.
*/
interface Passkey {
/**
* The globally unique identifier of the passkey.
*/
id: string;
/**
* The time this passkey was created.
*/
created: string;
/**
* The last time this passkey was updated.
*/
updated: string;
/**
* The time when this passkey was created locally.
* This could be different from "created" which is the time when this passkey was created on the server.
*/
localCreated: string;
/**
* The last time when this passkey was updated locally.
* This could be different from "updated" which is the last time when this passkey was updated on the server.
*/
localUpdated: string;
/**
* The base URL for all binding & auth requests
*/
apiBaseUrl: string;
/**
* Associated key handle.
*/
keyHandle: string;
/**
* Current state of the passkey.
*/
state: 'Active' | 'Revoked';
/**
* Realm information associated with this passkey.
*/
realm: PasskeyRealm;
/**
* Identity information associated with this passkey.
*/
identity: PasskeyIdentity;
/**
* Tenant information associated with this passkey.
*/
tenant: PasskeyTenant;
/**
* Theme information associated with this passkey.
*/
theme: PasskeyTheme;
}
/**
* Realm information associated with a `Passkey`.
* A Realm is a unique administrative domain within a `Tenant`.
* Some Tenants will only need the use of a single Realm, in this case a Realm and a Tenant may seem synonymous.
* Each Realm contains a unique set of Directory, Policy, Event, Application, and Branding objects.
*/
interface PasskeyRealm {
/**
* The unique identifier of the realm.
*/
id: string;
/**
* The display name of the realm.
*/
displayName: string;
}
/**
* Identity information associated with a `Passkey`.
* An Identity is a unique identifier that may be used by an end-user to gain access governed by Beyond Identity.
* An Identity is created at the Realm level.
* An end-user may have multiple identities. A Realm can have many Identities.
*/
interface PasskeyIdentity {
/**
* The unique identifier of the identity..
*/
id: string;
/**
* The display name of the identity.
*/
displayName: string;
/**
* The username of the identity.
*/
username: string;
/**
* The primary email address of the identity.
*/
primaryEmailAddress?: string;
}
/**
* Tenant information associated with a `Passkey`.
* A Tenant represents an organization in the Beyond Identity Cloud and serves as a root container for all other cloud components in your configuration.
*/
interface PasskeyTenant {
/**
* The unique identifier of the tenant.
*/
id: string;
/**
* The display name of the tenant.
*/
displayName: string;
}
/**
* Theme associated with a `Passkey`.
*/
interface PasskeyTheme {
/**
* URL resolving the logo in light mode.
*/
logoLightUrl: string;
/**
* URL resolving the logo in dark mode.
*/
logoDarkUrl: string;
/**
* URL for customer support.
*/
supportUrl: string;
}
/// A Universal Passkey is a public and private key pair. The private key is generated, stored, and never leaves the user's devices' hardware root of trust (i.e. Secure Enclave).
/// The public key is sent to the Beyond Identity cloud. The private key cannot be tampered with, viewed, or removed from the device in which it is created unless the user explicitly indicates that the trusted device be removed.
/// Passkeys are cryptographically linked to devices and an Identity. A single device can store multiple passkeys for different users and a single Identity can have multiple passkeys.
class Passkey {
/// The Globally unique ID of this passkey.
String id;
/// The time when this passkey was created locally. This could be different from "created" which is the time when this passkey was created on the server.
String localCreated;
/// The last time when this passkey was updated locally. This could be different from "updated" which is the last time when this passkey was updated on the server.
String localUpdated;
/// The base url for all binding & auth requests
String apiBaseUrl;
/// Associated key handle.
String keyHandle;
/// The current state of this passkey
PasskeyState state;
/// The time this passkey was created.
String created;
/// The last time this passkey was updated.
String updated;
/// Tenant information associated with this passkey.
PasskeyTenant tenant;
/// Realm information associated with this passkey.
PasskeyRealm realm;
/// Identity information associated with this passkey.
PasskeyIdentity identity;
/// Theme information associated with this passkey
PasskeyTheme theme;
Passkey({
required this.id,
required this.localCreated,
required this.localUpdated,
required this.apiBaseUrl,
required this.keyHandle,
required this.state,
required this.created,
required this.updated,
required this.tenant,
required this.realm,
required this.identity,
required this.theme,
});
static Passkey mapToPasskey(dynamic passkey) {
return Passkey(
id: passkey["id"],
localCreated: passkey["localCreated"],
localUpdated: passkey["localUpdated"],
apiBaseUrl: passkey["apiBaseUrl"],
keyHandle: passkey["keyHandle"],
state: PasskeyStateHelper.fromString(passkey["state"]),
created: passkey["created"],
updated: passkey["updated"],
tenant: PasskeyTenant.mapToTenant(passkey["tenant"]),
realm: PasskeyRealm.mapToRealm(passkey["realm"]),
identity: PasskeyIdentity.mapToIdentity(passkey["identity"]),
theme: PasskeyTheme.mapToTheme(passkey["theme"]),
);
}
String toJson() {
return "{"
"\"id\":\"$id\","
"\"localCreated\":\"$localCreated\","
"\"localUpdated\":\"$localUpdated\","
"\"apiBaseUrl\":\"$apiBaseUrl\","
"\"keyHandle\":\"$keyHandle\","
"\"state\":\"$state\","
"\"created\":\"$created\","
"\"updated\":\"$updated\","
"\"tenant\":${tenant.toJson()},"
"\"realm\":${realm.toJson()},"
"\"identity\":${identity.toJson()},"
"\"theme\":${theme.toJson()}}";
}
String toString() {
return "{\"Passkey\":${toJson()}}";
}
}
/// State of a given [Passkey]
enum PasskeyState {
/// [Passkey] is active
// ignore: constant_identifier_names
ACTIVE,
/// [Passkey] is revoked
// ignore: constant_identifier_names
REVOKED,
}
class PasskeyStateHelper {
static PasskeyState fromString(String state) {
switch (state.toLowerCase()) {
case "active":
return PasskeyState.ACTIVE;
case "revoked":
return PasskeyState.REVOKED;
default:
throw Exception(
"Cannot initialize PasskeyState from invalid String value $state");
}
}
}
/// Tenant information associated with a [Passkey]. A Tenant represents an organization in the Beyond Identity Cloud and serves as a root container for all other cloud components in your configuration.
class PasskeyTenant {
/// The unique identifier of the tenant.
String id;
/// The display name of the tenant.
String displayName;
PasskeyTenant({
required this.id,
required this.displayName,
});
static PasskeyTenant mapToTenant(dynamic passkey) {
return PasskeyTenant(
id: passkey["id"],
displayName: passkey["displayName"],
);
}
String toJson() {
return "{"
"\"id\":\"$id\","
"\"displayName\":\"$displayName\"}";
}
String toString() {
return "{\"Tenant\":${toJson()}}";
}
}
/// Realm information associated with a [Passkey].
/// A Realm is a unique administrative domain within a `Tenant`.
/// Some Tenants will only need the use of a single Realm, in this case a Realm and a Tenant may seem synonymous.
/// Each Realm contains a unique set of Directory, Policy, Event, Application, and Branding objects.
class PasskeyRealm {
/// The unique identifier of the realm.
String id;
/// The display name of the realm.
String displayName;
PasskeyRealm({
required this.id,
required this.displayName,
});
static PasskeyRealm mapToRealm(dynamic passkey) {
return PasskeyRealm(
id: passkey["id"],
displayName: passkey["displayName"],
);
}
String toJson() {
return "{"
"\"id\":\"$id\","
"\"displayName\":\"$displayName\"}";
}
String toString() {
return "{\"Realm\":${toJson()}}";
}
}
/// Identity information associated with a [Passkey].
/// An Identity is a unique identifier that may be used by an end-user to gain access governed by Beyond Identity.
/// An Identity is created at the Realm level.
/// An end-user may have multiple identities. A Realm can have many Identities.
class PasskeyIdentity {
/// The unique identifier of the identity.
String id;
/// The display name of the identity.
String displayName;
/// The username of the identity.
String username;
/// The primary email address of the identity.
String? primaryEmailAddress;
PasskeyIdentity({
required this.id,
required this.displayName,
required this.username,
required this.primaryEmailAddress,
});
static PasskeyIdentity mapToIdentity(dynamic passkey) {
return PasskeyIdentity(
id: passkey["id"],
displayName: passkey["displayName"],
username: passkey["username"],
primaryEmailAddress: passkey["primaryEmailAddress"],
);
}
String toJson() {
return "{"
"\"id\":\"$id\","
"\"displayName\":\"$displayName\","
"\"username\":\"$username\","
"\"primaryEmailAddress\":\"$primaryEmailAddress\"}";
}
String toString() {
return "{\"Identity\":${toJson()}}";
}
}
/// Theme associated with a [Passkey].
class PasskeyTheme {
/// URL to for resolving the logo image for light mode.
String logoLightUrl;
/// URL to for resolving the logo image for dark mode.
String logoDarkUrl;
/// URL for customer support portal.
String supportUrl;
PasskeyTheme({
required this.logoLightUrl,
required this.logoDarkUrl,
required this.supportUrl,
});
static PasskeyTheme mapToTheme(dynamic passkey) {
return PasskeyTheme(
logoLightUrl: passkey["logoLightUrl"],
logoDarkUrl: passkey["logoDarkUrl"],
supportUrl: passkey["supportUrl"],
);
}
String toJson() {
return "{"
"\"logoLightUrl\":\"$logoLightUrl\","
"\"logoDarkUrl\":\"$logoDarkUrl\","
"\"supportUrl\":\"$supportUrl\"}";
}
String toString() {
return "{\"Theme\":${toJson()}}";
}
}