Tanker is based on a few basic concepts that must be added to your existing user management system.

Tanker identity

A Tanker identity is an opaque structure, generated on your server. It represents a user of the application for Tanker and contains all necessary information for the Tanker SDK to perform usual operations.

It should be created when a user creates its account, using the CreateTankerIdentity function and stored in your database alongside other user information.

A Tanker identity is private and should be distributed only to the corresponding user, once they have been authenticated by your application.

Tanker public identity

A Tanker public identity represents a user for others. It contains all public information the Tanker SDK needs to share encrypted data with another user.

It can be created from a Tanker identity, using the GetPublicIdentity method.

The Tanker public identity can and should be distributed to any user needing to share encrypted data with another user.

It doesn't need to be stored as it can be extracted from the Tanker Identity at any time.

Identity verification

At some point, the Tanker SDK needs to verify a user's identity. This can be done by verifying the user's email address, or by other means detailed here. In the rest of this guide, we will only consider email verification, but any other identity verification method can be used instead.

To verify the user's email address, Tanker needs to send them an email. This email is customizable: you provide the template, sender name, subject, etc. See here for more information about this.

Next, we will cover the server-side changes needed to use Tanker.