Pelle Braendgaard
Apr 27, 2017 · 5 min read

Today we are opening initial testing for uPort AppManager. We will continue improving performance, documentation, and features over the coming weeks. Register your app today, and let us know what you think.

uPort AppManager is how developers create and manage identities for their applications. Application identities on Ethereum allow for more rich, secure, and meaningful relationships between your app and your users.

While uPort identities commonly represent people, we designed the technology to be extensible to also support identification of organizations, businesses, applications, and devices. Learn more about uPort Identities.

If you have ever developed applications on a centralized platform like Facebook, Apple AppStore, or Google PlayStore, you are familiar with registering your application. Platform operators make app registration a requirement so they can protect their users from malicious applications.

The uPort Application ID is a similar concept, except you are registering a decentralized application on a decentralized network. Since there is no platform operator (middleman) on Ethereum like there is on Facebook, it is your job to build a trusted relationship with your users. uPort AppManager helps you take the first step to building trust with your users.

Primary App Details Screen

What can you do with an application identity?

Identify your app to your users

The most important thing you can do with an application identity is identify your app to your users during interactions on the uPort mobile app.

Your App’s name and Logo is displayed on all requests in the app

The first time a user interacts with your app on the uPort platform, the identity of your app will be added as a Connection within their mobile app. This creates a place for the user to find information that your app has shared with them, and view a history of interactions between you and them.

Users can find your App in their uPort Mobile App on their connections screen and see all interactions they have had with you

Issue Verifiable Credentials

Registering your application identity with AppManager allows you to issue Verifiable Credentials to your users. Credentials are how you attest to facts about a user, such as a verified email address, a GitHub username, or other aspects of their interaction with your app such as average account balance, number of transactions, etc.

As a registered app you can send a Verified Credential directly to a user

User credentials are located in the About Me section of the uPort mobile app. Users can share their credentials with other identities, apps, and businesses. The uPort credential system allows apps and businesses to help bootstrap a person’s identity and reputation in a decentralized way, while allowing the user to maintain control.

Sending Push Notifications to the uPort Mobile App

I will go into this with more detail in another article in a couple of days, but you will also be able to send transactions and verifiable credentials directly to your users’ uPort mobile app using your Application Identity.

You registered App can request private credentials as well as permissions to send Push Notifications
Your App’s name shows up in the push notification

Step by Step Guide

1. Go to App Manager

Go to https://appmanager.uport.me.

2. Login with your uport App

Press the Login button and scan the QR code.

3. Create app

Scan the QR code with the uPort app and authorize the transaction. This Transaction creates a completely new uPort Identity for your app.

4. Enter your application Details

Add your name, description, url, and upload a logo and banner image.

5. Publish app details

This brings up yet another QR code that you should scan on your uPort app. This creates the transaction registering your application details in the uPort registry on the blockchain.

6. Make a note of your application Credentials

You need the application address and the signing key in the app.

This is the App’s uport identity address
This is the Signing Key used for signing request and verifying credentials

Using your Application credentials in your app

For a simple browser dapp, you can simply include the applications address as the clientId when creating your application using uport-connect.

import { Connect } from 'uport-connect'
const uport = new Connect('YOUR APP NAME', {
clientId: 'YOUR APPLICATION ID FROM APP MANAGER'
})

This will identify your app and create unsigned requests to the user’s mobile app.

In-browser signed requests for Prototyping and Proof of Concepts

The real power of Apps registered with the AppManager is that you can create requests to the user for private information and create signed Verified Credentials to send back to your users.

Signing implies having a signing key which we create for you as part of creating your app. If that signing key is available to your user in their browser it would be very easy for them to create fake requests on your behalf.

That said, many developers are experimenting with use cases and creating proof of concepts of blockchain apps right now. In these cases early prototypes can still be created 100% in the browser.

import { Connect, SimpleSigner } from 'uport-connect'
const uport = new Connect('YOUR APP NAME', {
clientId: 'YOUR APPLICATION ID FROM APP MANAGER',
signer: SimpleSigner('YOUR SIGNING KEY FROM APP MANAGER')
})

This allows you to experiment with the full set of uPort features such as requesting private credentials, attesting credentials, etc.

Configuring your Server side Application for Production Use

For server side apps you should use the uport library directly. This is also used behind the scenes in uport-connect. The uport library creates and builds JWT objects that are used to communicate securely between your app and your user’s uPort mobile app.

import { Credentials, SimpleSigner } from 'uport'
const credentials = new Credentials({
appName: 'App Name',
address: 'Application ID'
signer: SimpleSigner(process.env.PRIVATE_KEY)
})

The SimpleSigner creates a very simple implementation of a signing function. It would be fairly easy to create a similar function delegating signing to a HSM or other more secure implementation.

See the tutorial for the uPort library for how to use this in more details.

uPort

Self-sovereign identity and user-centric data platform on Ethereum

Thanks to Alex Edelstein

Pelle Braendgaard

Written by

Engineering Lead for uPort. Opinionated about ethereum, bitcoin, payments and financial services.

uPort

uPort

Self-sovereign identity and user-centric data platform on Ethereum

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade