Skip to main content

Get Started with the Authorization App

The quickstart section provides a comprehensive guide outlining the steps necessary to Download, Install and configure the Securosys Authorization App on your device.

Prerequisites

Before continuing with the Securosys Authorization App on your device, ensure that your HSM infrastructure is prepared beforehand. Depending on your infrastructure make sure to adhere to the following prerequisites, based on your environment: HSM on-premises or CloudHSM

  • Primus HSM: Set up and configured successfully, including:
    • Device setup completed with the initial wizard
    • Root Key Store installed and configured
    • Enabled security features: Client API access, Key Auth, JCE, Rest-API, TSB Workflow Engine
    • Created at least one user
  • Transaction Security Broker (REST API): Successfully deployed and configured the TSB Docker container with the TSB_ENGINE license

For more granularity please see chapter Prerequisites.

Downloading and Installing Securosys Authorization App

Approver Required

The registration procedure is performed by the role of an Approver.

  • The user which has to download the Securosys Authorization App on the mobile phone.

To start using the Securosys Authorization App, Download and install the latest version on your smartphone. For more granular information and detailed step by step guide, please follow the chapter Installation.

Create Approver

Approver Manager Required

The Approver creation procedure is performed by the role of an Approver Manager.

  • Personnel responsible for creating and managing the entire pool of Approver's.

An Approver must first be created before the approver can use the Securosys Authorization App and authorize tasks.

Refer to the REST API curl endpoint below to create an Approver.

Example Create Approver

POST: /v1/approverManagement/create

{
"approverName": "finance-officer@securosys.com",
"algorithm": "RSA",
"keySize": 2048,
"backupPassword": "6se1Qbsi3bJshe",
"validity": 3650
}

Response: Response is a oneTimeCode to be sent to the approver to fetch the approver-key

{
"oneTimeCode": "410447"
}

Next, please provide the following information to the user with the role Approver:

  • Approver Name (from above request)
  • Backup Password (from above request)
  • One Time Code (from above response)
  • API Key (optional)
  • TSB URL (the rest-api url)

With these information the Approver can now Register their App.

Onbarding-Status

You can verify the onboarding status of the Approver, see chapter Tutorial - Approver Management - Verify Onboarding Status for more information.

For more granularity, please see chapter Tutorial - Approver Management - Create Approver.

Register Approver

Approver Required

The registration procedure is performed by the role of an Approver.

Register as Approver on the Securosys Authorization App by inserting the required credentials provided by your Approver Manager from the previous chapter Create Approver.

For more granular information about the registration credentials and detailed step by step guide to the registration process, please follow the chapter Installation.

Create Policy based Key with multi-authorization

Approver Manager Required

The key creation procedure is performed by the role of an Approver Manager.

By assigning SKA policies to keys, Approvers are granted the ability to authorize approval tasks.

For more detailed information about SKA keys please see:

Using Securosys Authorization App

The Securosys Authorization App allows for authorization of operational and key management tasks where the authorization of an Approver is required as part of a Smart Key Attribute key access policy.

For more granular information and detailed step by step guide, please follow the Tutorial chapter. There you will find usecases such as:

  • Obtaining the Public Key or Certificate
  • Approving or Cancling Operation Tasks
  • Approving or Cancling Key Management Tasks
  • New Onboarding
  • Configuring Active Biometric Authorization

There are various usecases for the Securosys Authorization App. See Usecases for more use case examples and their documentation.