PII
Prerequisites
This document assumes you have enabled PII sharing.
Obtaining and Decrypting PII
First, you need to obtain a User Access Token. You should receive an id_token
in the response, which is a JWT that you will need to decode. Here's an example written in JavaScript that uses the jsonwebtoken
package:
The result is an object with the following structure:
Next, you need to aggregate and decrypt the consent tokens within the ACRC claim(s). The following is another JavaScript example that does just that by using the RSA.decrypt()
function from the globalid-crypto-library
:
Now pass the decrypted data token(s) to our vault service. You will also need to provide an App Access Token.
Finally, decrypt the encrypted_data_password
with your private key, then decrypt the encrypted_data
with the decrypted password. The JavaScript example below uses the RSA.decrypt()
and AES.decrypt()
functions from the globalid-crypto-library
.
Last updated