Code
Mobile App

Repository

  +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+
  |          User Device          |
  |                               |
  | +--------------------------+  |
  | |                          |  |
  | |      3rd Party App       |  |
  | |                          |  |
  | +--------------------------+  |
  |   |             ^             |
  |   |             |             |
  |   |             |             |
  |   | (1)         | (8)         |
  |   | 3rd Party   | Access      |
  |   | App Return  | Token,      |
  |   | Link        | Refresh     |
  |   |             | Token       |
  |   |             | And Vereign |
  |   |             | Server      |
  |   |             | Url         |
  |   |             |             |
  |   |             |             |
  |   v             |             |
  | +--------------------------+  | (6) Authorization  +---------------+
  | |                          |  |     Code           |               |
  | |     Vereign Auth App     |---------------------->|     Token     |
  | |                          |<----------------------|    Endpoint   |
  | +--------------------------+  | (7) Access Token,  |               |
  |   |             ^             |     Refresh Token  +---------------+
  |   |             |             |
  |   |             |             |
  |   | (2)         | (5)         |
  |   | Authorizat- | Authoriza-  |
  |   | ion Request | tion Code   |
  |   |             |             |
  |   |             |             |
  |   v             |             |
  | +---------------------------+ | (3) Authorization  +---------------+
  | |                           | |     Request        |               |
  | |          Browser          |--------------------->| Authorization |
  | |                           |<---------------------|    Endpoint   |
  | +---------------------------+ | (4) Authorization  |               |
  |                               |     Code           +---------------+
  +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+
  +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+
  |          User Device          | (11) HTTPS Decrypt
  |                               |      Request
  | +--------------------------+  | (1) HTTPS Auth     +---------------+
  | |                          |  |     Request        |               |
  | |      3rd Party App       |---------------------->|   3rd Party   |----> Here 3rd Party App Server
  | |                          |<----------------------|   App Server  |      Encrypts the 3rd Party App Return LInk
  | +--------------------------+  | (2) 3rd Party App  |               |      with Vereign Server Certificate
  |   |             ^             |     Return Link    +---------------+      On (12) server decrypts data encrypted by
  |   |             |             |     Encrypted With                        Vereign Server and serves it back to 3rd
  |   |             |             |     Vereign Server                        Party App
  |   | (3)         | (10)        |     Certificate
  |   | 3rd Party   | Access      | (12) Access,
  |   | App Return  | Token,      |      Refresh Tokens
  |   | Link        | Refresh     |      and Vereign
  |   |             | Token       |      Server Url
  |   |             | And Vereign |      Decrypted
  |   |             | Server      |
  |   |             | Url         |
  |   |             |             |
  |   |             |             |
  |   v             |             |
  | +--------------------------+  | (9) Authorization  +---------------+
  | |                          |  |     Code           |               |----> Here Vereign Server encrypts
  | |     Vereign Auth App     |---------------------->|     Token     |      Access and Refresh Tokens with
  | |                          |<----------------------|    Endpoint   |      3rd Party App Server Certificate
  | +--------------------------+  | (8) Access Token,  |               |      ----------------------------------------
  |   |             ^             |     Refresh Token  +---------------+      Vereign AuthApp uses 3rd Party App
  |   |             |             |                                           Server certificate to encrypt Vereign
  |   |             |             |                                           Server Url
  |   | (4)         | (7)         |
  |   | Authorizat- | Authoriza-  |
  |   | ion Request | tion Code   |
  |   |             |             |
  |   |             |             |
  |   v             |             |
  | +---------------------------+ | (5) Authorization  +---------------+
  | |                           | |     Request        |               |----> Here Vereign Server decrypts
  | |          Browser          |--------------------->| Authorization |      3rd Party App Return Link
  | |                           |<---------------------|    Endpoint   |      and encrypts it with the generated
  | +---------------------------+ | (6) Authorization  |               |      Symmetric Key
  |                               |     Code           +---------------+
  +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+