Identities
An identity is an entity, represented by a unique ID, that can authenticate and access Connhex. An example would be a user account: it can be represented by a unique identifier (e.g. email address, social ID, ...) that can be used to get access to Connhex.
One of the components responsible for handling identities within Connhex Auth is an identity server based on Ory Kratos. If you have any previous experience in using Kratos, you should feel comfortable with most Connhex Auth APIs.
Traits
The information about an identity is stored in traits. Imagine the typical user signup form: each form field corresponds to a trait. In other words, traits match the user attributes.
They are configurable through a JSON schema: every application built on top of Connhex can define what attributes a user needs to provide in order to be registered. An example of traits is the set of name, surname and email1.
The main advantage of using this composable approach is its flexibility.
Should you want to register both people and companies as users of your platform, just specify two JSON objects containing the required (and optional) fields.
Sessions
Every time a user authenticates, a session is generated. Each session has a state, that can be mutated through Connhex Control: this is particularly useful when the need to force a user out of Connhex arises.
Recovery and verification
Any identity includes recovery_addresses and verifiable_addresses. These can be used to:
- receive verification codes via email and automate the entire registration flow
- handle forgotten password scenarios
As additional authentication requirements, 2FA and hardware tokens are supported.
Connhex IAM integration
Identities are the building blocks for users: explore the full integration with Connhex IAM here.
- Or first name, last name, phone number, address, company name, ...↩