Connect with investorID
An InvestorID allows to login to a website using your Identity as it is possible with Social Providers.
When an user attempt to login, the server generates a challenge to be signed using a wallet linked to the Identity. The server has the possibility to request access to some Information and Claims about the Identity.
The following process explains the authentication flow for Connect with Identity. To summarize, a website requests access to certain set of information, and allows the connection once it has all the access it requires. The website (or service provider) will be able to request more access, but these will required each time a new signature from the Identity Owner.
An Identity Owner using its Identity to connect to a service will be able to share, on the request of the service, some of the data related to the Identity. The list will be signed by the Identity Owner and the service will not have access to more data. This may include:
- First and Last Name
- Phone number (if available)
- Any claim data stored by the Tokeny Identity Service.
Once the Identity is connected, the Identity Owner will be able to share additional data such as:
- Other claim data or information stored by other Information Providers or Claim issuers.
There are multiple ways to required access to information: immediate grant, which only allow access once to information, and persistent grants, which allows longer-term access until the grant is revoked by the Identity Owner. Refer to the Sharing data section for more information about access grants.