These docs are for v1.5.2. Click to read the latest docs for v1.15.1.

Woleet.ID Server Edition


Woleet.ID Server Edition lets you manage the identities of your corporate users and lets them sign data using these identities. A user identity is made up of a bitcoin address (derived from a bitcoin key pair) and personal identity data (e.g. name, email address, organisation) provided by the administrator of the service. In short, Woleet.ID Server links bitcoin addresses to personal identity data.
Woleet.ID Server Edition is provided as an open source server and client web app to host inside your organization's IT system.

User Interface

The user interface of Woleet.ID Server Edition is restricted to administrators. It allows them to:

  • Create a user and set his personal identity data.
  • Create a bitcoin address (i.e. a bitcoin key pair) for a user.
  • Register a bitcoin address (controlled by the user on his mobile phone or his Ledger Nano S) to associate it with the user identity.
  • Configure API tokens that grant access to the Woleet.ID Server API.

Endpoints

The /sign endpoint (also called signing URL) is not exposed externally and allows authenticated users to sign data using their bitcoin address (key pair). It can also be used to sign on behalf of users, provided that the caller supplies a suitable API token.

The /identity endpoint (also called Identity URL) is exposed externally and can be used by any third party to verify that your company actually controls or has registered a given bitcoin address and to retrieve the personal identity data linked to this bitcoin address.

Security

Woleet.ID Server Edition is designed to protect the confidentiality and integrity of bitcoin private keys, even if the hosting server is rooted: private keys are always stored encrypted in the database, using an encryption key that the administrator must provide each time the server starts, and key management functions are isolated inside a secure module.
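
The pattern described above, sketched as an added example (this is not Woleet.ID Server code). The page does not name the algorithms used, so scrypt and AES-256-GCM are assumptions, as are all function names, the stored row layout and the constructed sample values.

```javascript
// Added illustration, not Woleet.ID Server code. Assumed scheme: scrypt + AES-256-GCM.
const crypto = require('node:crypto');

// Derive the in-memory encryption key from the secret the administrator supplies at startup.
function unlock(adminSecret, salt) {
  return crypto.scryptSync(adminSecret, salt, 32);
}

// Encrypt one private key for storage; the row holds only IV, auth tag and ciphertext.
function sealKey(encKey, address, privateKey) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', encKey, iv);
  cipher.setAAD(Buffer.from(address)); // bind the ciphertext to its address
  const ct = Buffer.concat([cipher.update(privateKey), cipher.final()]);
  return { address, iv, tag: cipher.getAuthTag(), ct };
}

// Decrypt a row; throws if the key is wrong or the row was modified.
function openKey(encKey, row) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', encKey, row.iv);
  decipher.setAAD(Buffer.from(row.address));
  decipher.setAuthTag(row.tag);
  return Buffer.concat([decipher.update(row.ct), decipher.final()]);
}

// Same as openKey, but returns null instead of throwing.
function tryOpen(encKey, row) {
  try { return openKey(encKey, row); } catch { return null; }
}

// Constructed demo: all secrets, addresses and keys below are made-up sample values.
function demo() {
  const salt = crypto.randomBytes(16); // stored with the database, not secret
  const encKey = unlock('constructed-admin-secret', salt);
  const priv = crypto.randomBytes(32); // stand-in for a bitcoin private key
  const row = sealKey(encKey, 'constructed-address-1', priv);
  const wrongKey = unlock('constructed-wrong-guess', salt);
  const moved = { ...row, address: 'constructed-address-2' };
  return {
    roundTrip: tryOpen(encKey, row)?.equals(priv) === true, // right secret decrypts
    wrongSecret: tryOpen(wrongKey, row) === null,           // wrong secret is rejected
    rowMoved: tryOpen(encKey, moved) === null,              // row re-attached to another address is rejected
  };
}

console.log(demo());
```

In this sketch a copy of the database alone does not reveal private keys, because the derived key exists only in process memory after the administrator supplies the secret.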

In case of suspicion regarding a private key, it can be revoked via the user interface. In the same way, API tokens and users can be revoked.

Finally, any modification of the database managed by Woleet.ID Server is logged and can be inspected.