-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs(feat): developer docu credential management (#326)
- Loading branch information
Showing
6 changed files
with
276 additions
and
0 deletions.
There are no files selected for viewing
49 changes: 49 additions & 0 deletions
49
docs/developer/06. Certificates/01. UseCase Participation.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
## UseCase Participation | ||
|
||
The use case participation page is created to enable data provider/consumer and solution providers to view their use case participation and to request the participation for new use cases. | ||
The use case participation is a verified credential which is stored on the company wallet which generates trust and liability in the network. The company signing the framework agrees to the use case date sharing rules. | ||
|
||
Accessing the page is possible via the user navigation | ||
|
||
<img width="152" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/use-case-participation-option.png"> | ||
|
||
<br> | ||
<br> | ||
|
||
When accessing the page, an overview of available use case frameworks, link to the related document as well as the expiry dates is getting displayed. | ||
An example screen can get viewed below: | ||
|
||
<br> | ||
<img width="636" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/usecase-credential-application-overview.png"> | ||
<br> | ||
<br> | ||
|
||
By clicking on "Edit" the signed use case document can get uploaded by the company and submitted. | ||
The submission will trigger a request on the operator side and needs to get approved by the same before the credential is successfully added inside the company wallet. | ||
|
||
<br> | ||
<img width="636" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/agreement-file-upload.png"> | ||
<br> | ||
<br> | ||
|
||
> **_NOTE:_** Only PDF files upto 2 MB are allowed to get loaded. | ||
<br> | ||
<br> | ||
|
||
To view the current state of the credential request, the status is getting displayed on the main page | ||
|
||
<img width="96" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/status-pending.png"> | ||
<br> | ||
<img width="77" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/status-active.png"> | ||
|
||
<br> | ||
<br> | ||
|
||
## NOTICE | ||
|
||
This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). | ||
|
||
- SPDX-License-Identifier: Apache-2.0 | ||
- SPDX-FileCopyrightText: 2023 Contributors to the Eclipse Foundation | ||
- Source URL: https://github.com/eclipse-tractusx/portal-assets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
## Company Certificates | ||
|
||
Beside the Use Case Frameworks, companies can apply/request for other kind of company certificates as well. | ||
|
||
Currently Supported: | ||
|
||
- Dismantler Credential | ||
|
||
<br> | ||
<br> | ||
|
||
Accessing the company certificate credentials request page can be done via the user navigation | ||
|
||
<br> | ||
<img width="152" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/certificate-option.png"> | ||
<br> | ||
<br> | ||
|
||
When accessing the page, an overview of already submitted, active or inactive certificates is displayed. | ||
Via the button "Upload Certificate", new requests can get triggered. | ||
|
||
<br> | ||
<img width="156" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/button-upload-certificate.png"> | ||
<br> | ||
<br> | ||
|
||
The overlay for the certificate upload is displayed and the user can upload the certificate as pdf. | ||
Please note: the overlay supports the certificate selection. If only one certificate type is allowed, the dropdown will be pre-filled and can't get changed/updated. | ||
|
||
<br> | ||
<img width="622" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/certificate-file-upload.png"> | ||
<br> | ||
<br> | ||
|
||
> **_NOTE:_** Only PDF files up to 2 MB are allowed to get uploaded. | ||
<br> | ||
<br> | ||
|
||
The submission will trigger a request on the operator side and needs to get approved by the same before the credential is successfully added inside the company wallet. | ||
|
||
<br> | ||
<br> | ||
|
||
## NOTICE | ||
|
||
This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). | ||
|
||
- SPDX-License-Identifier: Apache-2.0 | ||
- SPDX-FileCopyrightText: 2023 Contributors to the Eclipse Foundation | ||
- Source URL: https://github.com/eclipse-tractusx/portal-assets |
66 changes: 66 additions & 0 deletions
66
docs/developer/06. Certificates/03. Credential Admin Board.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
## Credential Admin Board | ||
|
||
The credential admin board enables the administrator to view credential requests and approve/reject them. | ||
|
||
<p align="center"> | ||
<img width="636" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/credential-request-overview.png"> | ||
</p> | ||
|
||
The administrator can: | ||
|
||
- filter based on credential request status | ||
- open the attached document and verify the document correctness as well as the (if necessary) signature | ||
- approve the credential request | ||
- reject the credential request | ||
|
||
<br> | ||
<br> | ||
|
||
#### Filter based on credential request status | ||
|
||
Use the implemented filter views to view "all", "open", "confirmed" and "rejected" requests. | ||
|
||
<br> | ||
|
||
<p align="center"> | ||
<img width="1235" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/credential-request-filters.png"> | ||
</p> | ||
|
||
<br> | ||
<br> | ||
|
||
#### Open the attached document | ||
|
||
By clicking on the document icon, the attached document is getting downloaded and can get verified. | ||
|
||
<br> | ||
<br> | ||
|
||
#### Approve Credential Request | ||
|
||
With the credential approval button, the credential request approval endpoint is triggered (see details below) additionally, following task will get executed | ||
|
||
- credential request is getting set to "Active" | ||
- the verified credential is getting added to the customer wallet | ||
- the customer/requester is getting informed about the new added credential inside the owned managed identity wallet (via email) | ||
|
||
<br> | ||
<br> | ||
|
||
#### Reject Credential Request | ||
|
||
With the credential reject button, the credential request decline endpoint is triggered (see details below) additionally, following task will get executed | ||
|
||
- credential request is getting set to "Inactive" | ||
- the customer/requester is getting informed about the rejection/decline of the credential and getting enabled to start a new request (via email) | ||
|
||
<br> | ||
<br> | ||
|
||
## NOTICE | ||
|
||
This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). | ||
|
||
- SPDX-License-Identifier: Apache-2.0 | ||
- SPDX-FileCopyrightText: 2023 Contributors to the Eclipse Foundation | ||
- Source URL: https://github.com/eclipse-tractusx/portal-assets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
## FAQ | ||
|
||
#### 1. Why can I not upload any certificate | ||
|
||
The "Company Certificates" page validates if the user company can upload any certificates (due to an outrunning certificate or a not yet requested certificate type). In case there is no certificate type existing which the user can request, the "Upload Certificate" button will be deactivated. | ||
|
||
<br> | ||
|
||
#### 2. Who validates my VC request after submission | ||
|
||
The platform operator is getting informed of the VC request, validates it and approves or declines the request. In both scenarios the requesting user will be informed about the decision. In case of the approval, the VC is created inside the customer wallet. | ||
|
||
<br> | ||
|
||
#### 3. For how long will the credential be valid. | ||
|
||
Credential valid till dates are defined by the VC issuer. In most cases credentials are valid for 12 month. In special cases (due to an certificate expiry) the duration might be shorter. | ||
The user can view the duration inside the wallet. | ||
|
||
<br> | ||
|
||
## NOTICE | ||
|
||
This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). | ||
|
||
- SPDX-License-Identifier: Apache-2.0 | ||
- SPDX-FileCopyrightText: 2023 Contributors to the Eclipse Foundation | ||
- Source URL: https://github.com/eclipse-tractusx/portal-assets |
63 changes: 63 additions & 0 deletions
63
docs/developer/06. Certificates/04. Credential Revocation.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
## Credential Revocation Feature Documentation | ||
|
||
### Description | ||
|
||
The issuer admin board now includes a feature that allows the revocation of "Active" credentials. Issuers assigned with the "revoke_credentials_issuer" permission can utilize this feature to manage the valid status of issued credentials. | ||
|
||
### Revocation Capability | ||
|
||
Issuers with the necessary permissions can now revoke credentials that are marked as "Active." This feature is crucial for maintaining the integrity and trustworthiness of the credentialing system. | ||
|
||
### UI Integration | ||
|
||
A revoke option, represented by the MaterialUI `SettingsBackupRestore` icon, has been added to the issuer admin board. This icon is displayed next to each "Active" credential, enabling easy access to the revocation function. | ||
|
||
<img width="70" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/credential-revocation-icon.png"> | ||
|
||
This option is only visible and accessible to users who have been granted the "revoke_credentials_issuer" permission. | ||
|
||
### Confirmation Overlay | ||
|
||
When the revoke icon is clicked, a confirmation overlay appears to ensure the issuer intends to proceed with the revocation. The overlay provides "Cancel" and "Confirm" options to either abort or continue with the process. | ||
|
||
<img width="300" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/credential-revocation-overlay.png"> | ||
|
||
### API Integration | ||
|
||
Upon confirming the revocation, the system will trigger an API call to the revocation endpoint with the specific credential ID that is to be revoked. | ||
|
||
**API Endpoint**: `POST /api/revocation/issuer/credentials/{credentialId}` | ||
|
||
The `{credentialId}` in the endpoint's path should be replaced with the actual ID of the credential being revoked. | ||
|
||
### Loading State and User Feedback | ||
|
||
A loading indicator is displayed while the revocation request is processed. Feedback is provided to the issuer once the API responds, indicating the success or failure of the revocation. | ||
|
||
### Success/Error Handling | ||
|
||
The user will receive a notification upon successful revocation. In the event of a failure, an error message will be displayed. | ||
|
||
**Unsuccessful Revocation Message**: | ||
|
||
- DE: "Der Widerruf der Berechtigung war erfolglos. Bitte wenden Sie sich an den Administrator oder versuchen Sie es später erneut." | ||
- EN: "The revocation of the credential was unsuccessful. An error occurred. Please try again. If the problem persists, contact the site administrator." | ||
|
||
**Successful Revocation Message**: | ||
|
||
- DE: "Der Widerruf Ihrer Zugangsdaten wurde erfolgreich verarbeitet. Mit der erfolgreichen Sperrung verliert der Ausweis seine Gültigkeit. Beachten Sie, dass die Aktion nach dem Widerrufen eines Berechtigungsnachweises nicht mehr rückgängig gemacht werden kann und der Berechtigungsnachweis nicht mehr als gültig anerkannt wird." | ||
- EN: "The customer credential revocation has been successfully processed. With the successful revocation, the credential is no longer valid. Note that once a credential is revoked, the action cannot be undone, and the credential will no longer be recognized as valid." | ||
|
||
### Permissions Check | ||
|
||
The system verifies that only users with the "revoke_credentials_issuer" permission can access and use the revocation feature, adhering to the established permission system. | ||
|
||
<br> | ||
|
||
## NOTICE | ||
|
||
This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). | ||
|
||
- SPDX-License-Identifier: Apache-2.0 | ||
- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation | ||
- Source URL: https://github.com/eclipse-tractusx/portal-assets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
## Summary | ||
|
||
... | ||
|
||
Content: | ||
|
||
- [Use Case Credential](./01.%20UseCase%20Participation.md) | ||
- [Other Certificates](./02.%20Other%20Certificates.md) | ||
|
||
<br> | ||
<br> | ||
|
||
## NOTICE | ||
|
||
This work is licensed under the [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0). | ||
|
||
- SPDX-License-Identifier: Apache-2.0 | ||
- SPDX-FileCopyrightText: 2023 Contributors to the Eclipse Foundation | ||
- Source URL: https://github.com/eclipse-tractusx/portal-assets |