Sharing Credential with Users
The sequence diagram below shows how a user can share credentials with other users.
Sequence Diagram
User Selection
- The user selects the credentials they want to share and clicks on the “Share” button.
- The client sends a request to the server to fetch the required credential fields.
- The server returns the credential fields, to the client.
User and Access Type Selection
- The user selects the required users they want to share the credentials with.
- For each selected user, the user specifies the access type (e.g., read, manager).
Background Service Processing
- The client sends the selected credentials and users, to the background service.
- The background service sends the credentials to the WASM module for decryption.
- The WASM module, which has the user’s private key loaded in memory, decrypts the credentials.
- After decryption, the background service sends the decrypted fields to be encrypted using the target users public key to wasm module.
- The background service sends the encrypted credentials back to the client.
- The client then sends the whole payload to hash and then sign
- The client sends the payload to the server with signature in the header.
Server Processing
- The client sends the encrypted credentials and user access information to the server.
- The server infers the field names and field types from the received data after verifying the signature.
- In a single transaction, the server performs the following steps for each credential and user:
- Adds the credential to the particular user’s access list.
- Adds the credential field details to the corresponding tables.
Note: If the credential is shared once, the server will add another entry to the access list table and skip adding to fields table