Behind the scenes, you as a developer go through a few essential steps to set up and initialize a user. We will first walk through these steps conceptually: creating a user, creating a session token, and initializing the user account, where you will also create a wallet for the user via Circle's APIs. At the end of these steps, you can prompt your end-user to complete the account setup in your sample app.
Once you've absorbed the theory behind these steps, you'll find a Try It Out component at the end. This tool handles all of these steps for you, making your experience with the QuickStart guide smoother and more user-friendly.
Let's delve into the process!
To begin the end-to-end process, you must create and initialize the users who will ultimately be using your application. A user, representing the end-user of your app, is identified through a userID. This userID serves as the account identifier encompassing all associated wallets, assets, and transactions for that specific user.
You can use a UUID format for the userID or any other format. It must be at least five characters long.
At Circle, we leave user management entirely in your hands. This allows you to keep control of your processes and ensures that your user data stays securely in your system. We simply require a UUID to identify each user in our system. This means you, as a developer, maintain full control while working with us using a straightforward yet secure approach.
Once you have successfully created a user, you will acquire a session token which authenticates the user's session within your app and has a validity period of 60 minutes.
Typically, in your app's flow, you would create a session token when the user logs in. Once you have created a session, we will return an encryptionKey and a userToken. The userToken is the session identifier, and the encryptionKey is an encryption and decryption key that is randomly generated to ensure the security of the session.
User initialization is a critical step where you create the user account and create a wallet for a specified blockchain at the time of account creation.
Two fundamental concepts to understand in this step are:
When making an initialization request, it is required that you use an idempotency key, a unique identifier for the request, to ensure that subsequent requests with the same key do not create duplicate entities. You can learn more about it in our documentation.
A challenge is initiated when your end-users are prompted to take a specific action, such as initiating a transaction or executing a smart contract. Challenges serve as checkpoints in the user journey, ensuring that sensitive operations can only be carried out with the user's explicit authorization.
The first challenge that users encounter involves setting their PIN code and creating a recovery method as part of this initial sign up. The PIN is encrypted during input on the user's personal device, ensuring developers or merchants never have access to user PINs. The recovery method allows users to regain access to their assets in case they forget their PIN code. They have the option to choose security questions, a familiar backup mechanism that enhances the user experience while ensuring that users have full control over their assets.
By setting up a PIN code, users have complete sovereignty over their wallets. Only operations that are authorized by entering the PIN code can be initiated, providing users with peace of mind and control over their assets.
By utilizing a unique PIN code and Recovery Method, users can conveniently and securely access their wallets without being burdened by complex seed phrases.
Now that we understand these two important concepts, we are ready to initialize the user account and create a wallet.
This Try It Out component will aggregate the steps explained above and return a challengeId, the userToken and the encryptionKey. We will use these values in the next few steps within the sample app to set up the user.
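The flow described above, as an added example that is not Circle's code or API: a hypothetical in-memory `SimulatedService` (all class and function names here are assumptions) stands in for the backend to show the five-character userID check, the 60-minute session window, and why a retry must reuse the same idempotency key.

```python
import secrets
import uuid
from dataclasses import dataclass

SESSION_TTL_SECONDS = 60 * 60  # 60-minute session validity stated above

@dataclass
class Session:
    user_token: str       # session identifier
    encryption_key: str   # random per-session key
    issued_at: float

    def is_valid(self, now: float) -> bool:
        return now - self.issued_at < SESSION_TTL_SECONDS

class SimulatedService:
    """In-memory stand-in for the wallet backend (constructed, not Circle's API)."""
    def __init__(self):
        self.users, self.sessions, self.challenges = set(), {}, {}
        self.drop_next_response = False  # simulate a lost HTTP response

    def create_user(self, user_id: str) -> None:
        if len(user_id) < 5:
            raise ValueError("userID must be at least five characters long")
        self.users.add(user_id)

    def create_session(self, user_id: str, now: float) -> Session:
        if user_id not in self.users:
            raise KeyError("unknown userID")
        session = Session(secrets.token_hex(16), secrets.token_hex(16), now)
        self.sessions[session.user_token] = session
        return session

    def initialize_user(self, user_token: str, idempotency_key: str, now: float) -> str:
        session = self.sessions.get(user_token)
        if session is None or not session.is_valid(now):
            raise PermissionError("unknown or expired session")
        # A repeated key returns the existing challenge instead of creating a new one.
        challenge_id = self.challenges.setdefault(idempotency_key, str(uuid.uuid4()))
        if self.drop_next_response:
            self.drop_next_response = False
            raise TimeoutError("request was processed but the response was lost")
        return challenge_id

def initialize_with_retry(service, session, now, attempts=3):
    key = str(uuid.uuid4())  # one key per logical request, reused on every retry
    for _ in range(attempts):
        try:
            return service.initialize_user(session.user_token, key, now)
        except TimeoutError:
            continue  # retry with the SAME key so no duplicate is created
    raise RuntimeError("initialization did not complete")
```

Generating a fresh key inside the retry loop instead would leave one challenge per attempt on the simulated backend, which is the duplication the idempotency key exists to prevent.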
You also have the option to initialize a user without immediately creating wallets for them. Proceed with setting up a challenge for PIN configuration.
By following these steps, you have now successfully created a user, establishing their unique identity. We have also initiated our very first challenge by initializing their accounts and associated wallets, acquiring a session token and creating a challenge.
You can now enter these values into your sample app simulator and you will have completed the configuration.
In the next step, we will play the role of your end-user, and complete the end-user account setup by defining a pin and recovery methods.
Now that we have gathered all the necessary parameters, we can use our WebSDK to enter this information and start the setup process that the end user would go through.
🎉 Great job on setting up the WebSDK!
After successful confirmation that a wallet was created, you may now proceed with the next step and learn how to check the wallet status!