Single Sign-On


Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.

How does it work ?

You have your users create their SSIDs as well as identity tokens from those SSIDs. To sign in to your service, they will just need to input the IDs of the identity tokens.

In the background, you check that the identity tokens (which are NFTs) really belong to the users and if it does, get the SSID from the identity token.

To get an SSID from an identity token, you would have to query the SSI contract's metadata function to which you pass the identity token ID

// Example code

This will return a metadata object with the following format

struct SSIData {
    uint senderProfileId;
    uint receiverProfileId;
    uint auditorProfileId;
    uint deadline;
    string question;
    string answer;
    ProofType proofType;

To get the actual SSID, you will get the answer variable after verifying that the question is really SSID

// Complete code
function getSSID(uint _identity_token_id) external returns(string memory) {
    SSIData memory data = ISSI(ssiContract).metadata(identity_token_id)
    require(keccak256(abi.encodePacked(data.question)) == keccak256(abi.encodePacked("ssid")))
    return data.answer

You would use your users' SSID data collected from their identity tokens as their identifiers and sign them in after you perform that quick check

Last updated