zkPass
zkPass User's Guide
zkPass User's Guide
  • Getting Started
    • ๐Ÿ”ŠIntroduction
      • What is zkPass?
      • How does it work?
      • How zkPass can help you
      • What's Ahead
    • ๐ŸŒค๏ธService-based Proof System
      • Main Features
      • zkPass Workflows
      • Deployment Options
        • Public-Cloud Hosting
        • Private-Cloud Hosting
        • On-Premise Hosting
    • ๐Ÿ—๏ธKey Concepts
      • User Data
      • DVR
      • zkPass Proof
  • Core Components
    • ๐Ÿ›๏ธService Architecture
      • RESTful API Web Service
      • zkPass Query Host
    • ๐Ÿ‘ฅzkPass Client Roles
    • ๐ŸคTrust Models
      • Data Privacy Trust Model
      • Data Integrity Trust Model
      • Computation Integrity Trust Model
    • ๐Ÿ‘ฉโ€๐Ÿ’ปzkPass Module
  • Use Cases
    • ๐ŸฉธEmployee Onboarding
      • โ€œBlood Test Resultโ€ User Data
      • "Employee Onboarding" DVR
      • zkPass Integration
      • Call Sequence
    • ๐Ÿš˜Loan Application Screening
      • โ€œBCA Customer Profileโ€ User Data
      • Loan Screening DVR
      • zkPass Integration
      • Call Sequence
    • ๐Ÿ›’Sharing OIDC Users Securely
      • "ShopSphere ID Token" User Data
      • "ShopSphere Account Holder" DVR
      • zkPass Integration
        • Integration Guidelines for ShopSphere OIDC Provider
        • Integration Guidelines for Krisna Service
        • Integration Guideline for ShopSphere App
      • Call Sequence
  • FAQ
    • How is verifiable computing implemented by ZKP?
  • Glossary
    • Client-based Proof System
    • DVR
    • User Data
    • zkPass Proof
Powered by GitBook
On this page
Export as PDF
  1. Use Cases
  2. Sharing OIDC Users Securely
  3. zkPass Integration

Integration Guidelines for ShopSphere OIDC Provider

Here are the two simple steps that the ShopSphere OIDC Provider, which takes the Data Issuer client role, must implement:

Providing the user data retrieval API

The ShopSphere OIDC Provider is required to expose a RESTful API that facilitates secure user data retrieval. The API should be designed to authenticate the user robustly, ensuring that only the legitimate owner can access the data. zkPass does not dictate the actual authentication mechanisms, API semantics, or response formats, providing developers the flexibility to implement the API. The API will be typically called by the Data Holder to download the user data needed by the query specified in the DVR.

Signing the user data

To ensure seamless integration with the zkPass framework, the ShopSphere must sign this sensitive information into a JWS (JSON Web Signature) token to ensure the authenticity of the data. To this end, the zkpass-client SDK library provides a function that will simplify the signing process.

Additionally, the ShopSphere OIDC Provider must also distribute the public key needed to verify the signed user data. This can be done via manual or out-of-band public key distribution, or via a programmatic API call as defined by the JSON Web Key Set (JWKS) protocol.

PreviouszkPass IntegrationNextIntegration Guidelines for Krisna Service

Last updated 1 year ago

๐Ÿ›’