GridWhale is currently implemented in a separate arcology from Hexarc, but we'd like to use Hexarc usernames to sign in to GridWhale. This spec describes how to do that.
Login
Login proceeds as follows:
- GridWhale prompts for a username and password (via HTTPS only).
- GridWhale service calls an API on Hexarc.com to validate the username and password.
- On success, Hexarc returns an abbreviated user record and registers it as a login. We do not return any kind of auth token that could be used on Hexarc.
- On failure, Hexarc returns FALSE and we log it as an invalid login.
- We ask GridWhale Cryptosaur to generate an auth token for a user of the form "@GridWhale:xyz" where xyz is the username. This combines user creation (if necessary), scoped credentials, and login.
- After that, we validate the auth token as normal.
Resolve
Archive
Reopen
Create
Edit
Save
Attach File
Cancel Edit