It is possible to verify a user's identity by using a verification key. In this case, the verification key (an opaque token) is generated when the user registers, and must be provided as-is for verification purposes. Contrary to other methods, this does not cause the Tanker servers to store a half secret on behalf of the users. Therefore:

  • losing the key may render the data inaccessible
  • this method cannot be used with any other verification method

Getting the verification key

To get the user's verification key, you need to call generateVerificationKey() on a started Tanker session.

The simplest way to use this verification key is to display it to the user and make sure they store it in a safe place.

if (status == Status.IDENTITY_REGISTRATION_NEEDED) {
  String verificationKey = tanker.generateVerificationKey().get();
  Log.i(TAG, "Please save this key in a safe place: " + verificationKey);

  // Verify the identity
  tanker.registerIdentity(new VerificationKeyVerification(verificationKey)).get();
}

if (status == TKRStatusIdentityRegistrationNeeded) {
  [self.tanker generateVerificationKeyWithCompletionHandler:verificationKeyHandler];
}

TKRVerificationKeyHandler verificationKeyHandler = ^(TKRVerificationKey* key, NSError* err) {
  if (err == nil) {
    // Ask user to store the verification key in a safe place, for instance using iCloud Keychain
    [self.app showSavingKeyViewWithVerificationKey:verificationKey];
    // Convert the verificationKey into a TKRVerification.
    TKRVerification* verification = [TKRVerification verificationFromVerificationKey:key];
    // Verify the identity
    [self.tanker registerIdentityWithVerification:verification
                                completionHandler:^(NSError* err) {
                                  if (err == nil) {
                                    // do something
                                  }
                                }];
  }
}

if (status === Tanker.statuses.IDENTITY_REGISTRATION_NEEDED) {
  const verificationKey = await tanker.generateVerificationKey();
  console.log('Please save this key in a safe place: ' + verificationKey);

  // Verify the identity
  await tanker.registerIdentity({ verificationKey });
}

Verifying the identity with a verification key

To verify the user's identity using their verification key, ask the user to input it and pass it to verifyIdentity() after starting the session:

if (status == Status.IDENTITY_VERIFICATION_NEEDED) {
  // Wait for the user to input their verification key
  String verificationKey = app.promptUser("Paste your verification key:");

  // Verify the identity
  tanker.verifyIdentity(new VerificationKeyVerification(verificationKey)).get();
}

if (status == TKRStatusIdentityVerificationNeeded) {
  // Retrieve verification key from user
  NSString* userInput = [self.app promptUser:@"Paste your verification key:"];
  TKRVerificationKey* verificationKey = [TKRVerificationKey verificationKeyFromValue:userInput];

  // Convert the verification key into a TKRVerification.
  TKRVerification* verification = [TKRVerification verificationFromVerificationKey:verificationKey];
  // Verify the identity
  [self.tanker verifyIdentityWithVerification:verification
                            completionHandler:^(NSError* err) {
                              if (err == nil) {
                                // do something
                              }
                            }];
}

if (status === Tanker.statuses.IDENTITY_VERIFICATION_NEEDED) {
  // Wait for the user to input their verification key
  const verificationKey = await app.promptUser('Paste your verification key:');

  // Verify the identity
  await tanker.verifyIdentity({ verificationKey });
}