Register a Global User
We will need to create a Virgil Key and Card for each client that wants to authenticate to a server. Cards are stored with and contain your client's public encryption keys.
In order to sign data, each user must have their own Key Pair, and a Virgil Card published to our servers. These Global Cards can be used by anyone, including Virgil to verify a client's identity.
Generate a Virgil Key
We use the Virgil SDK to create a new Key Pair for the user. We then store the key locally with a name and a password, allowing us to look it up again later.
// generate a new Virgil Key
VirgilKey key = virgil.getKeys().generate();
// save the Virgil Key storage
Virgil does not keep a copy of your Virgil Key. Therefore, if you lose a Virgil Key, there is no way to recover it. You can always re-register a new card though.
Create a Virgil Card
Next, we want to create a using the Virgil Key. This will verify the user's identity and associate it with the key.
Currently, we only support email address as identifiers.
// create a Global Virgil Card
VirgilCard card = virgil.getCards()
.createGlobal("email@example.com", key, IdentityType.EMAIL);
The identifier for a Virgil Card can be any ID you prefer, for example, a username or user ID. The Creating Card guide provides more details.
Verify a Card's Identity
Finally, we verify that the user indeed is the owner of this email address. To verify, we trigger the verification step and Virgil will email the user a code that they will provide back to you.
// initiate identity verification process
attempt, err := card.VerifyIdentity()
// confirm an identity and grab the validation token
token, err := attempt.Confirm("[CONFIRMATION_CODE]")
// publish the Virgil Card
publishedCard, err := api.Cards.PublishGlobal(card, token)