Certificates
A digital certificate is used as a proof of identity, and can be compared to a driver’s license or a passport.
Expired certificates
Every certificate has a set validity period, and once it has expired, it is no longer accepted in the Lequinox platform and needs to be renewed. For example, a sign certificate generally has a validity period of three years.
Console administration levels
Organisation user
The lowest console administration level.
Organisation administrator
The highest console administration level for a connected organisation.
Platform administrator
The highest console administration level, reserved for the platform owner. This administration level is not available to connected organisations.
User accounts tuesday
In the platform, a user account can be represented in the form of an internal or external role account, an external personal account (in the REST API referred to as an external personal identity) or a server account. As such, a user account is either of the private, corporate or server type.
The private and corporate types can be provided with application accesses within or between platforms. In addition to these, the private and corporate user account types are backed by a personal (identity) account, which acts as a witness in transactions.
Role accounts and external personal identities must be configured as platform-managed. These, in turn, may be connected to a platform-managed access.
Add matrix, or save that for Developer Concepts?
Role accounts
A role account is used as an identifier for a user in an organisation in the Lequinox platform. When created, a role account is assigned a role and – if it is an internal account – a console administration level as well.
The highest administration level, Platform administrator, should be reserved for a select few in the platform organisation that need to be able to connect customer organisations and other platform administrators.
Internal vs external role accounts
Internal role accounts are primarily intended for users closely linked to your organisation, like employees. External role accounts are intended for users not part of your organisation, like contractors, vendors or corporate customers, but you want to interact with them via Lequinox enabled applications and get traceability for these interactions.
Roles
When a role account is created, it must be assigned to one of the available roles. To activate their account and their role, the user must sign the agreement connected to that role. Accounts with the console administration levels Organisation and Platform administrator can add and edit internal and external roles associated with the organisation they belong to. Roles must also be connected to their respective agreements.
A role is internal or external, depending on whether it is to be assigned to internal role accounts or external role accounts.
The user agreement you want to assign to the role must be created before you create the role.
Transactions
The Lequinox platform allows users or applications to create, send and open encrypted transactions via Lequinox-enabled applications. Transactions also include a number of services that affect what a transaction creator or participant can and cannot do, and when.