At FundRequest, we looked at various solutions for user authentication. We compared different identity providers by integrating Keycloak and Auth0 in turn, both of which allow users to log in with a social account such as Google or GitHub.

We believe in decentralized applications, and our first step towards this is having a decentralized authentication mechanism that we can trust and that is user friendly. Multi-factor authentication is a must!

After some research, we wanted to do some tests using Civic and were quite happy with the results. Signup was fast, authentication went smoothly, and when we needed support we got feedback swiftly! For more information on how Civic works, have a look at their website. Here’s a quote to get you started:

Through our decentralized architecture with the blockchain and biometrics on the mobile device, our platform provides multi-factor authentication without a username, password, third party authenticator, or physical hardware token.

Perfect, that is what we needed for the FundRequest platform. So how did we integrate this? Well, to use Civic, we had to sign up for an application, which we got quite fast. We immediately started to dig into the documentation (for tech people: the API documentation).

The sequence diagram below explains in detail how Civic’s authentication mechanism works. The key takeaway from this diagram is that Civic generates a token (JWT) which the platform can use to authenticate the user.

The data exchanged between Civic and the User/Platform is encrypted using your application's public/private key pair. For more information on this matter, you can have a look at Civic’s documentation.

For the platform to communicate with Civic (to validate the token), you can install a client that communicates with the Civic SIP API. We decided to run this as a separate service using Node and NPM. The platform can communicate with this service using a Feign HTTP client and a Hystrix circuit breaker, both open-sourced by Netflix. If you want to know more about these products, do check out the blog post series on this matter by our team member Quinten.
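When a circuit breaker sits in front of token validation, its fallback has to be a denial, so that an outage of the validation service never lets a request through. The sketch below is an added example, not FundRequest's or Civic's code: `createTokenValidator`, its options and the result shape are hypothetical names, and `client` is assumed to be any object exposing an async `exchangeCode(token)` method.

```javascript
// Added example: fail-closed circuit breaker around Civic token validation.
// `client` is assumed to expose an async exchangeCode(token) method.
function createTokenValidator(client, opts = {}) {
  const {
    maxFailures = 3,        // consecutive outages before the breaker opens
    resetMs = 30000,        // how long the breaker stays open
    timeoutMs = 2000,       // upper bound for one validation call
    isOutage = () => true,  // classify errors; rejected tokens should return false
    now = Date.now,
  } = opts;
  let failures = 0;
  let openedAt = null; // timestamp when the breaker opened, null while closed

  const withTimeout = (promise) => {
    let timer;
    const timeout = new Promise((_, reject) => {
      timer = setTimeout(() => reject(new Error('timeout')), timeoutMs);
    });
    return Promise.race([promise, timeout]).finally(() => clearTimeout(timer));
  };

  return async function validate(token) {
    // Reject anything not shaped like a compact JWT before calling out.
    if (typeof token !== 'string' || !/^[\w-]+\.[\w-]+\.[\w-]+$/.test(token)) {
      return { authenticated: false, reason: 'malformed_token' };
    }
    // Breaker open: deny immediately instead of waiting on a failing service.
    if (openedAt !== null && now() - openedAt < resetMs) {
      return { authenticated: false, reason: 'breaker_open' };
    }
    try {
      const userData = await withTimeout(client.exchangeCode(token));
      failures = 0;
      openedAt = null;
      return { authenticated: true, userData };
    } catch (err) {
      // The fallback is always a denial; an outage must never grant access.
      if (isOutage(err)) failures += 1;
      if (failures >= maxFailures) openedAt = now();
      return { authenticated: false, reason: 'validation_failed' };
    }
  };
}
```

Pass an `isOutage` predicate that returns `false` for tokens the service rejected, otherwise a stream of bad tokens can open the breaker and lock out legitimate users.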

To conclude, this is our high level overview of the integration with Civic:

Integration of Civic authentication in the FundRequest platform

See it in action

https://www.youtube.com/watch?v=DcLMIPt2qlQ

Conclusion

Civic works as expected, but sadly it isn’t integrated into any identity provider yet, which is a requirement for our platform since we want to keep supporting GitHub authentication. So for now we’ve dialed back our usage of Civic, but we plan to fund several feature requests to add Civic support in Auth0 and Keycloak.

This is not a goodbye but a see you soon…

Don’t forget to join our growing community on Telegram or Twitter. If you want to talk development please join our dev team on Rocket Chat. We’ll be happy to discuss!