MIRACL Trust Enrolment is a service that provides different enrolment flows for MIRACL Trust. It is based on the Pluggable Verification API and has different flows predefined. The service is based on a library that has all the capabilities exposed as a Golang package. This allows the implementation of any bespoke flow a customer wants.
MIRACL Trust Enrolment Service can be distributed in many formats and packages. For this documentation, the assumption is the service is distributed as a Linux binary.
Get the service
To get the service write to email@example.com.
Verification Service implements all flows, integrations, and the pluggable verification process. It exposes an HTTP API facilitating those flows and some admin actions that can be used directly or via the provided UI. Its endpoints are prefixed with
Enrolment Admin UI is a SPA and linking to the Verification Service exposes some flows and administrative actions.
Run the verification
The service can be configured either with environment variables or with flags. When a single configuration is configured using both - the flag takes precedence.
For a list of all configuration options run:
The service has a lot of defaults so running it is as simple as:
./verification \ --pv-client-id=*** \ --pv-client-secret=*** \ --pv-redirect-url=*** \ --oidc-client-id=*** \ --oidc-client-secret=*** \ --oidc-redirect-url=http://127.0.0.1:8001/login \ --authorized-users=*** \ --cors-domain=http://127.0.0.1:8001
There are couple of options here:
The main purpose of the verification service is to verify and enroll identities for a given MIRACL Trust App. This app is configured by using
The verification service has support for authentication and authorization for the administrative interface. The authentication is done with OpenID Connect and is configured using
--oidc-redirect-url. The authorization can be configured as a comma-separated list using
The verification service utilizes CORS which is configured with
--cors-domain. This is the domain the UI is running. It is used for adding CORS headers so then the UI can make requests to the verification service.
For information on different configuration options go to the features guide.