As I am having a limited timeframe to integrate our identiy system with eSignet,I am planning to utilize mock identity service and use it by changing only few points such as database connection. Please suggest me some points if there are any to be highlighted throught the process.
@ranidu_harshana, but take care of the following points:
- Currently, mock-identity-system endpoints are open. Secure them with proper authorization.
- Make sure the keystore type is PKCS11, or if it’s PKCS12, secure the keystore with a strong password.
- OTP auth is running with the mock OTP; replace with the real OTP, and notifications should be provisioned.
- BIO auth as of today is running with mocked match results; the Biometrics match logic should be written.
Note: We still DO NOT recommend to use the mock-identity-system as is in the PRODUCTION environment
Thanks & regards,
MOSIP Team
Thanks for the reply anushka.
- We have a authorization enabled in our system using keycloak.
- Need to focus on this and need to secure the keystore as you said
- We already have a way to generate OTPs in a secure manner.
- For the BIO auth we have strong thrid party tool already.
Thank you again for your reply with these concerns. We’ll try our best to securely implement this service. Please let me know if there any more concerns
Thank you