Key Binder Plugin

The Key Binder plugin interface provides a method to bind an individual's ID with a public key. On successful binding, it returns a signed certificate called Wallet User ID which uniquely identifies the user and the wallet.

When a new binding request is received, it is expected that the key binder implementation takes care of overriding previously bound certificates with the newly generated signed certificate for a user.

The individual needs to be authenticated before binding the key. The interface is structured to accept any type of authentication challenge, namely OTP or biometrics.

The bound certificate will then be usable to do token-based authentication like WLA (Wallet Local Authentication) from any digital wallet app.

Please refer here for the key binder interface refrence implementation

Note: For the latest version of the interface please check our code base - KeyBinder.java

Who uses this interface?

The APIs exposed by this interface are used by Digital Wallets to perform wallet binding while it is implemented by Identity Systems.

How to implement this plugin?

The Key Binder implementation class must be annotated with ConditionalOnProperty with mosip.esignet.integration.key-binder property.

Below is an example of how our Mock Identity System has implemented the eSignet KeyBinder plugin.

@ConditionalOnProperty(value = "mosip.esignet.integration.key-binder", havingValue = "mock-keybinder-service")
@Component
@Slf4j
public class MockKeyBindingWrapperService implements KeyBinder {
    //Implement keybinder methods
}

Appendix - Key Binding

The Key Binding functionality is depicted in the diagram below:

Here, the Binding Partner is nothing but the wallet backend service.

Last updated 5 months ago

Was this helpful?

hashtagWho uses this interface?

hashtagHow to implement this plugin?

hashtagAppendix - Key Binding

Who uses this interface?

How to implement this plugin?

Appendix - Key Binding