Privicore
    Privicore
    • Privicore API
    • Utility
      • Utility
      • Check server health
        GET
      • Request command id status
        GET
    • Profile
      • Profile Model and Authentication Workflow
      • Register new profile
        POST
      • Authenticate
        POST
      • Retrieve profile id
        GET
      • Change password
        POST
      • Generate qr token for authorization
        POST
      • Reauthorize authorization token
        POST
      • Revoke authorization token
        POST
      • Retrieve token expiry
        POST
    • OAuth Application
      • Register OAuth Application
        POST
      • Retrieve OAuth app configuration
        POST
      • Request OAuth app authorization code
        GET
      • Retrieve OAuth app authorization code
        POST
      • Obtain OAuth app access token
        POST
      • OAuth application list
        GET
      • Retrieve OAuth application scope
        GET
      • Refresh OAuth app access token
        POST
    • Public key
      • Generate your private and public keys
        GET
      • Register public key
        POST
      • Retrieve public key
        GET
      • Retrieve CAB public key
        GET
    • Data Token
      • Reserve token space
      • Retrieve temporary data token
      • Exchange data for token
      • Upstream file via stream auth
      • Request data via token
      • Download data
      • Configure information security risk meta
      • Configure file meta
      • List data tokens
      • Update data token
      • Delete data
    • Device
      • Request unique identifier (i.e. Register new device)
      • Retrieve unique identifier
      • Retrieve profile devices
      • Configure device meta
      • Approve device
      • Reject device
      • Retrieve device configuration
      • Remove device
    • Storage
      • Register storage device
      • List storage devices
      • Synchronize device
      • Remove storage
    • Verified authenticator
      • Register authenticator
      • List verified authenticators
      • Retrieve voting strategy
      • Set quorum size
      • Set quorum strategy
      • Set voting time limit
      • Set maximum voting attempts
      • Remove authenticator
    • Policy
      • List policy templates
      • Register policy
      • List active policies
      • List inactive policies
      • Activate policy
      • Deactivate policy
      • Delete policy
    • Directory
      • Register Directory
      • Retrieve owned Directories
      • Retrieve assigned directories
      • Retrieve Directory
      • Create Directory User
      • Update user information
      • Invite Profile
      • Set profile password
      • List Directory Invites
      • Process Invitation
      • Retrieve directory profile
      • List directory users
      • Directory profiles info
      • Create profile device
      • Add storage device to profile
      • List directory devices
      • Create directory voting pool
      • Store directory meta information
    • Voting
      • Create voting
      • Check pool status

    Privicore API

    Privicore Engine is a tool that allows third-party applications to exchange data for data tokens.
    The tokenization process incorporates access control and usage rights managed through configurable policies and a secure voting system. This mechanism ensures that data is protected and used in accordance with predefined guidelines, supporting data governance.
    The storage component provides data storing functionality. Both desktop and server applications are available for data storage and management.
    It is advised that end user, the one that is adding storage, has at least 3 storage devices.
    image.png

    Making a request#

    image.png
    Requests toward Privicore Engine are all asynchonrious. This means that in exchange for a request you will receive an identifier.
    This identifier can later be used to check the status of the actuall call.
    Example is making a Register new profile call. In response you will receive an id that can be used to check what is going on with your call by using Request command id status
    If calling another route to check for status is not sufficient, user can open up websocket connection towards Privicore Engine in order to receive response in realtime.

    Exchanging data for data tokens#

    image.png
    In order to exchange data for a data token, user should first allocate a space for where data token will be stored.
    Reserving a space for data token is mechanisam that we use in order not to have stale tokens, and provide user with ability to organize its tokens by using context.
    When reserving space for a data token, the system attaches supplemental metadata that describes the token's intended use, associated policies, and any access or usage conditions. This context may include details such as:
    Purpose: What the token represents or the type of data it is associated with.
    Usage Rights: Rules or guidelines that specify how the tokenized data can be accessed or used.
    Operational Parameters: Conditions under which the token should be handled, such as time limits, validity periods, or security requirements.
    Providing this context upfront ensures that subsequent processes or systems interacting with the token have the necessary information to enforce policies, maintain data integrity, and manage data governance effectively.
    Usage of context is left entierly up to the user of the system. In our desktop application context is used as directory name.
    Once space is alocated user can retrieve the token and use it to exchange data.
    There are two ways to exchange data.
    Smaller data can be exchanged over HTTP API call Exchange data for token.
    Larger data (files) can be exchanged using upstream route with provided authentication.

    Retrieving data#

    image.png
    To retrieve data user should first issue a request towards Privicore Engine. Depending on the size of the data that is beeing retrieved, response body will eithe contain data (if it small size) or authorization code if size is bigger.
    If it contains authorization code, user can use peek functionlity to see how far the data retrieval process is.
    For detail flow refer to the data token section

    Pools and Voting#

    image.png
    Calls to the Privicore Engine are asynchronous, which allows for request interception and dynamic decision-making regarding request continuation.
    To implement the voting mechanism on a route, the user should first query the available policies and activate the necessary ones.
    For full voting functionality, the user must register a voting device.
    Privicore provides interactive mobile voter.
    Android
    IOS
    In addition to internal calls to the Privicore Engine, users can also create standalone pools. At any point, the user can retrieve the pool's results.
    Next
    Utility
    Built with