Kaa releases
Shortcuts
Skip to end of metadata
Go to start of metadata

To use events between several endpoints, it is required that those endpoints were attached to the same user (in other words, registered with the same user). Kaa provides necessary APIs to attach/detach endpoints to/from users through one of the following two flows:

  • User access token flow
  • Endpoint access token flow

User access token flow

In the user access token flow, the user authenticates himself in an external authentication system and obtains the access token. The user performs this authentication from the endpoint which is due to be registered with him in the Kaa instance. Then, Kaa SDK transfers this token to the Kaa cluster over a secure channel. The Kaa cluster verifies the access token and attaches the endpoint to the user.

User verifiers

The user verification is handled by specific server components called user verifiers. There are several default user verifier implementations that are available out of the box for each Kaa installation. This section contains general information about the architecture, configuration and administration of the default user verifiers. It is also possible to plug in custom verifier implementations. Each Kaa application can support multiple user verifiers.

Trustful user verifier

This user verifier implementation is created for the test and debug purposes and always accepts provided user id and access token. It is recommended that you do not use this verifier in production because it may cause security issues. There is no specific configuration for this verifier, because its schema is empty.

To create a trustful user verifier, use either Admin UI or REST API. The following REST API call example illustrates how to create a new trustful user verifier.

Facebook user verifier

This user verifier implementation is created for verification of Facebook accounts. It is especially useful for applications that are already integrated with Facebook.

Configuration

The configuration should match the following Avro schema. Note that you need to create a facebook application and specify its application id and secret in the configuration.

The following configuration example matches the previous schema.

Administration

To create a Facebook user verifier, use either Admin UI or REST API. The following REST API call example illustrates how to create a new Facebook user verifier.

 

Google+ user verifier

This user verifier implementation is created for verification of Google+ accounts. It is especially useful for applications that are already integrated with Google+.

Configuration

The configuration should match the following Avro schema.

Administration

To create a Google+ user verifier, use either Admin UI or REST API. The following REST API call example illustrates how to create a new Google+ user verifier.

Twitter user verifier

This user verifier implementation is created for verification of Twitter accounts. It is especially useful for applications that are already integrated with Twitter.

Configuration

The configuration should match the following Avro schema.

Administration

To create a Twitter user verifier, use either Admin UI or REST API. The following REST API call example illustrates how to create a new Twitter user verifier.

Custom user verifier

It is possible to implement and plug-in custom user verifiers. You can find corresponding instructions on the Creating custom user verifier page.

Endpoint access token flow

In the endpoint access token flow, new endpoints are attached to the user with the help of the endpoint which was attached to the user beforehand.

The following steps illustrate this flow with the endpoint A, which is already attached to the user, and the endpoint B, which is due to be attached.

  1. The endpoint B periodically generates and sends its access token to the Kaa cluster.
  2. The endpoint B displays its access token as a QR code on the screen (TV) or on the webpage (e.g., a router or other device with an embedded server).
  3. The endpoint A retrieves this token by scanning QR code or in any other suitable way and sends it in the endpoint attach request to the Kaa cluster.
  4. The Kaa cluster verifies the access code and attaches the endpoint B to the user of the endpoint A.


Copyright © 2014-2015, CyberVision, Inc.

  • No labels