yes VivoKey Cloud and the associated mobile app will rely on the auth API to generate a JWT, which along with a pin code, will serve as an authentication factor for the VivoKey Cloud service. Then any external service relying on VivoKey Cloud for IdP services will accept the user authentication via SAML and eventually we will again support OpenID Connect.
VivoKey Cloud will be a subscription service. However, by subscribing you’ll also get access to various services we plan on deploying “behind” it.
Actually we released Spark for Apex so you can use the Apex for both Fido and VivoKey Cloud. A Spark could serve as a backup option for your VivoKey Cloud account.
I know the Apex has the fido applet, I witch I think works just like a NFC fido key ? (you register it to the site and scan it when prompted instead of entering the password, if I understand it correctly). So the spark can be the backup of the Apex if the Apex get compromised/messed up during instal or need to be wiped clean but only for the Vivokey service?
And this is because the spark programming is locked?
So only use it there to limit exposure and possible getting it compromised?
The spark cannot backup the apex… think of it more like the auth API, which is at the center of all future VivoKey services, works with the spark. In order for you to use the apex with the auth API, You need the spark applet on apex.
With VivoKey Cloud, You will be able to associate multiple spark chips with your Cloud identity account. That means you can register your Apex and your Spark. In that way, your Apex and Spark back each other up as access tokens to your VivoKey Cloud account.
to clarify, the Auth API isn’t going to support OpenID Connect or any standard IdP protocol, it only validates authenticity of a chip scan. it basically stands in for the typical username and password authentication that happens when a user is authenticating with the IdP.
VivoKey Cloud is going to be the IdP service launching later this year that will use the auth api as part of user authentication.
Did the ability to make the spark have no action upon scan get removed with the update to spark actions? i added a test profile to mine and now i cant remove it
With this change how is it functionally different from just writing NFC instructions directly to the Spark 2? That seems like it would be more usable in the interim as a redirect through vivokey servers just adds a layer of complexity.
I assume writing over the NFC would essentially just lose authenticating login, which is basically only for this and the vivokey forum.