Quick Start

# Portal Registration

First you have to register in the MIRACL Trust management portal at: https://miracl.com/get-started/.

Fill in your details and click ‘Submit’:

The login screen shows up. Here you can register a new ID and create a PIN code for in-browser authentication. You can also press the Log In Using Mobile button at the bottom right corner. A QR code shows up. To scan the code you can use the MIRACL Trust app or a normal QR reader. You are prompted to download and install the app:

# Portal Login

Whether you choose in-browser or mobile app login, you are prompted to:

  1. Create identity
  2. Confirm your identity (by email activation)
  3. Create a 4-digit PIN
  4. Login

# Create App

Once logged in, go to ‘Applications’ and click ’+ Add App’.

Now enter the details for your app:

# Redirect URL

The Redirect URL is the URL which is used to send the user back to your app once authentication has been approved, to enable the final retrieval of user details.

If your app runs locally on http://127.0.0.1:5000, then the redirect URL is http://127.0.0.1:5000/login, where the login endpoint usually handles the OIDC code exchange for ID and access tokens.

# Client ID and Secret

When you create a new app, you are issued the Client ID and Secret credentials. You need them when building your app with the SDK. The Client Secret is issued to you once so it must be saved when first displayed:

Client ID and Project ID can then be copied at any time from the app settings screen:

You can now continue your integration!

# Generate New App Keys

  1. Click on Applications in the main navigation.

    Your apps list is displayed.

  2. Click on Settings next to the desired app.

  3. The application settings are displayed.

  4. Click the Generate New Keys button in the Danger Zone section.

    A dialog box is displayed asking if you wish to proceed.

  5. Click the Yes button.

  6. You could copy the newly-generated client secret either by using the copy button at the end af the field or select and copy it manually.

# Identity Management

Identities and verification are set per project. Identities are shared between different application in the project. This way your users can have the same identity across all your applications.

Create a different project if you need separate identities between testing and production. Add “Sandbox” to your project name for such purposes. For example if you are “ABC Ltd”, use “ABC Ltd Sandbox” as your project name for all your testing.

# Default Identity Verification

When a MIRACL Trust application is created, the default identity is email. To verify the ownership of this email address the platform employs an email verification flow. When an enrolment is initiated the user is asked to enter the email they want to enrol with. An email is sent to the email address containing a one-time use link. By following it the user proves that they own the email address. The MPin ID enrolment process is initiated with a PIN prompt. Only the first device used to open the enrolment link is enrolled. This prevents the verification link from being used in phishing attacks. To enrol a different device you can use a QuickCode mechanism so the user is able to enrol additional devices from an already enroled device using a one-time code.

The verification flow can be completely overhauled using the custom user verification mechanism.