Skip to main content

Prerequisites

To use the Securosys Authorization App, you need:

All of the above need to be configured before your users can get started with the Authorization App. The configuration differs depending on which HSM setup you are using.

Get an HSM

CloudHSM is a hosted offering from Securosys, where Securosys manages the HSMs for you in a geo-redundant cluster.

For testing purposes, CloudHSM offers a free 90-day trial.

Sign up to CloudHSM

Get a Transaction Security Broker

CloudHSM offers TSB-as-a-service. Depending on the service package, the TSB option may be included or may need to be manually enabled.

Check the licenses

Check that you have the following license options activated:

  • REST_API
  • TSB_ENGINE
  • KEY_AUTH
  • EXTENDED_KEY_ATTRIBUTES
  • ROOT_KEY_STORE

Call the GET /v1/licenseInfo endpoint of your CloudHSM instance to view your licenses. See the REST API base URLs. Make sure to include the JWT token in your request!

Create approvers

Lastly, you need to create approver accounts for the people using the Securosys Authorization App:

  1. Repeat the "Create Approver" tutorial for all accounts.
  2. Provide the One Time Codes to your approvers, they will need them to register in the app.

More approver management tasks are described in the tutorials.

Approver accounts are created and stored in the Transaction Security Broker (TSB). The TSB centrally manages all approvers and backs up their keys. This allows the approver manager to recover the approver accounts, for example, when an approver loses their phone. For more details, see the SKA documentation.

Later when you create an SKA key you can reference the approvers in the policy of the SKA key. For details, see this tutorial.

Next steps

Now that you have an HSM and a TSB, and have configured your approver accounts, your users are ready to install the Authorization App and onboard as approvers.

Get started withCloudHSM for free.
Other questions?Ask Sales.
Feedback
Need help?