mirror of
https://github.com/openharmony/useriam_user_idm.git
synced 2026-07-01 21:04:04 -04:00
fb9d59845ea1a76d840acc8a96fe83b6ce71fe2d
User Identity Management (useridm)
Introduction
As a basic component of the Identity & Access Management (IAM) subsystem, User Identity Management (useridm) provides a unified interface for managing user credential information in the system and invokes authentication resources through the authentication executor management module to implement lifecycle management and secure storage of user credentials.
Figure 1 User identity credential management architecture
Directory Structure
//base/user_iam/user_idm
├── frameworks # Framework code
├── interfaces # Directory for storing external interfaces
│ └── innerkits # Header files exposed to the internal subsystem
├── sa_profile # Profile of the Service Ability
├── services # Implementation of Service Ability services
├── unittest # Directory for storing test code
├── utils # Directory for storing utility code
├── bundle.json # Component description file
└── useridm.gni # Build configuration
Usage
Available APIs
Table 1 APIs for managing user credentials
| API | Description |
|---|---|
| addCredential(credentialInfo : CredentialInfo, callback : IIdmCallback) : void; | Adds a user credential. |
| updateCredential(credentialInfo:CredentialInfo, callback:IIdmCallback) : void; | Updates a user credential. |
| delUser(token : Uint8Array, callback : IIdmCallback) : void; | Deletes a user password. When a user password is deleted, all authentication credentials of the user are also deleted. |
| delCred(credentialId : Uint8Array, token : Uint8Array, callback : IIdmCallback) : void; | Deletes a user credential. |
Table 2 API for querying user credential information
| API | Description |
|---|---|
| getAuthInfo(callback : AsyncCallback<Array>,authType? : AuthType) : void; | Obtains one or all types of authentication credentials of a user. |
Usage Guidelines
- The APIs defined in the header file
common\interface\useridm_interface.hin the useriam_auth_executor_mgr repository must be implemented in a Trusted Execution Environment (TEE). In addition, the association between the user credentials and user IDs should not be tampered with, and unified user authentication must be supported. - During the adaptation, vendors can refer to the software implementation of related functions provided by the OpenHarmony framework.
Repositories Involved
useriam_faceauth
Description
Languages
C++
99.4%
C
0.6%