5.1 Register with Password

TheregisterWithCompanyName:companyEmployeeId:password:bayunAppCredentials:authorizeEmployee:success:failure: function creates a new employee on Bayun's system with supplied (companyName, companyEmployeeId) combination, for subsequent authentication requests from this app using the given password, and initializes this employee's access to Bayun.

Let's say an employee has loginId username@bayunsystems.com

  • companyName : Unique name of the company/tenant the registering employee belongs to, preferably in domain-name format for consistency, e.g. bayunsystems.com. This assumes that the user is getting access to the corresponding enterprise tenant with the same domain-name managed by their employer. In some cases the email domain of the user could be different from the domain of the tenant this user belongs to e.g. username@customdomain.com registering on a tenant with domain bayunsystems.com as a contractor, or on a generic tenant for individual accounts in a consumer use-case (e.g. tenant domain of “gmail.com”). In such a case, the domain-name part of the tenant is what should be used as the companyName parameter. Alternatively you can also choose to pass app's own internal companyId/tenantId for the registering employee as a parameter.

  • uiViewController : UIViewController of application.

  • companyEmployeeId : EmployeeId unique within the company, e.g. username@bayunsystems.com. While just the "username" portion might suffice in some cases, it is preferable to use the full loginId for consistency (especially considering that full loginId has to be anyway used for a contractor or consumer use-case). Alternatively you can also choose to pass app's own internal employeeId that is unique within the specific companyName that was used above.

  • password : Password of the employee. Used to keep employee secret keys protected. Never stored or transmitted by BayunSDK in clear. If the developer wishes, it can be a cryptographic hash of the password instead of the cleartext password itself. Bayun just needs a unique secret known to the employee only, or something unique generated from it, for keeping the employee lockboxes protected in such a way that nobody other than the employee has access to it (similar to how iPhone does it with user’s device PIN).

  • bayunAppCredentials : BayunAppCredentials instance is initialized with AppId, AppSecret and Salt.

  • authorizeEmployeeCallback : Block to be executed if employee public key authorization is pending, returns employeePublicKey.

  • success : Success block to be executed after successful registration.

  • failure : Failure block to be executed if registration fails, returns BayunError.

First account of the Company registered with Bayun is the Security Admin account.

Sample Code

BayunAppCredentials *appCredentials = [[BayunAppCredentials alloc] initWithAppId:@"<appId>"
appSecret:@"<appSecret>" appSalt:@"<appSalt>" baseURL: @"<baseURL>"];

[[BayunCore sharedInstance] registerWithCompanyName:@"<companyName>" 
                                  uiViewController : self
                                  companyEmployeeId:@"<companyEmployeeId>" 
                                           password:@"<password>" 
                                bayunAppCredentials:appCredentials 
                          authorizeEmployeeCallback:^(NSString *employeePublicKey) {
    NSLog(@"Authorization of EmployeePublicKey is Pending");      
 } success:^{
    NSLog(@"Employee registered with Bayun successfully.");        
 } failure:^(BayunError errorCode) {
    NSLog(@"Employee registration failed.");              
}];
Previous5. AuthenticationNext5.2 Register without Password

Last updated