Skip to main content

Quickstart

The quickstart section provides a comprehensive guide outlining the steps necessary to Download, Install and configure the Securosys Authorization App on your device. This guide is segregated in two parts User guide and Administrative Guide.

Prerequisites

Approver Manager and HSM Administrator Required

The HSM infrastructure preparations require an Approver Manager as well as an HSM Administrator.

Before continuing with the Securosys Authorization App on your device, ensure that your HSM infrastructure is prepared beforehand. Depending on your infrastructure make sure to adhere to the following prerequisites.

OnPremises

CloudHSM

For more granularity please see chapter Prerequisites.

Downloading & Installing Securosys Authorization App

Approver Required

The registration procedure requires an Approver.

To start using the Securosys Authorization App, download and install the latest version on your smartphone. For more granular information and detailed step by step guide, please follow the chapter Installation.

Create Approver

Approver Manager Required

The Approver creation procedure requires an Approver Manager role.

To allow the Approver to use the Securosys Authorization App and authorize tasks, an Approver must first be created. Refer to the REST API curl endpoint below to create an Approver.

Create Approver

POST: /v1/approverManagement/create

curl -X PUT  -H "Content-Type: application/json" \
 https://tsb-demo.cloudshsm.com/v1/approverManagement/create -d \
'{
  "approverName": "finance-officer@securosys.com",
  "algorithm": "RSA",
  "keySize": 2048,
  "backupPassword": "6se1Qbsi3bJshe",
  "validity": 3650
}'

Response: Response is a oneTimeCode to be sent to the approver to fetch the approver-key

{
  "oneTimeCode": "410447"
}
API-KEY

In case of using API-KEY's add the following header to the CURL-Command: -H "X-API-KEY: tsb-x-token_07..."

Next, please provide your Approver with the following credentials:

  • Approver Name (from above request)
  • Backup Password (from above request)
  • One Time Code (from above response)
  • API Key (optional)
  • TSB URL (the rest-api url)

With these credentials the Approver can now Register on their App. You can verify the onboarding status of the Approver, see chapter Tutorial - Approver Management - Verify Onboarding Status for more information.

For more granularity, please see chapter Tutorial - Approver Management - Create Approver.

Register Approver

Approver Required

The registration procedure requires an Approver.

Register as Approver on the Securosys Authorization App by inserting the required credentials provided by your HSM Administrator (step above).

For more granular information about the registration credentials and detailed step by step guide to the registration process, please follow the chapter Installation.

Create Policy based Key with multi-authorization

Approver Manager Required

The key creation procedure requires an HSM Administrator.

By assigning SKA policies to keys, Approvers are granted the ability to authorize approval tasks.

Rest-API

The following guides will redirect you to the REST-API documentation

Using Securosys Authorization App

Approver Required

The features of the Securosys Authorization App require an Approver.

The Securosys Authorization App allows for authorization of operational and key management tasks where the authorization of an Approver is required as part of a Smart Key Attribute key access policy.

For more granular information and detailed step by step guide, please follow the Tutorial chapter. There you will find usecases such as:

  • Obtaining the Public Key or Certificate
  • Approving or Denying Operation Tasks
  • Approving or Denying Key Management Tasks
  • New Onboarding
  • Configuring Active Biometric Authorization

There are various usecases for the Securosys Authorization App. See Usecases for more use case examples and their documentation.