This article contains information about PureKit credentials.
The following keys are used at your backend for PureKit initialization.
|A secret value used to to derive ||Generated with Virgil CLI|
|Used for application authentication at Virgil PHE service.||Derived from |
|Symmetric key that is used to encrypt a Grant that is needed for secure session between your users and your server, therefore, Auth key has to be accessible during user authentication step. Find out more on how to use Auth Key in authenticate users section.||Derived from |
|A 32-byte secret value used to derive ||Generated with Virgil CLI|
|Used to sign encrypted users data, to ensure that the data won't be changed. Note that users don't sign their data while encrypting it with their private keys.||Derived from |
|A unique service public key that is generated for a specific PHE application. Used to verify communication between your application and Virgil PHE service.||Generated at Virgil Dashboard|
|Can be used by admins to recover access to user's data in case the user forgot their password. Usually, Backup private key is rarely used, therefore, you can store it far from your server. Find out more on how to use Backup Key in the Data Encryption section.||Generated with Virgil CLI|
|Used to sign records sent to Virgil Cloud to enssure that the data won't be changed. (*) The VSKP Key is mandatory in case of using Virgil Cloud storage for storing users' private keys.||Derived from |
|Used for application authentication at Virgil KMS service.||Derived from |
|A unique public key of Virgil KMS service that is generated for a specific PHE application. Used to verify communication between your application and Virgil KMS service.||Created at Virgil Dashboard|
The following keys are used at your backend for managing users' data.
|PHE symmetric key, derived on backend during sign up/in process for a user with given id.||Derived automatically during user sign up/in|
|Randomly generated user keypair for a user with given id. Encrypted with ||Created automatically during user sign up/in|
|Key for data encryption. Used to encrypt specific cell (or group of cells) that are intended to have same set of entities that have access to it. ||Generated during encryption|
|Key pair that belongs to some external systems (services) that can access some columns of users' data.||Obtained from external service|