The idOS offers many possibilities on how users can access and manage their data. We want to provide four general user flows:
Flow A: A new user (in this case Alice) joins the idOS by (1) going to any node provider (in this case Fractal ID). She (2) verifies her wallet. (3) Fractal creates Alice’s idOS entry and adds her wallet to her data store. Alice proceeds to the (4) data dashboard. She (5) signs a message for authentication with an idOS node and (6) the node authenticates and authorizes Alice and sends back her data.
Flow B: Alice adds her first credential by (1) generating an idOS keypair for her, which she backs up using derived keys. The dashboard then (2) sends Alice the idOS public key. (3) Fractal ID then adds Alice's credential to the idOS.
Flow A: For Alice to see her data on a dashboard (e.g. the User Data Dashboard), she needs to (1) go to a data dashboard and (2) sign a message transaction with her wallet for the dashboard (3) to display her idOS data.
Flow B: To change data on the dashboard, Alice (1) signs a message through her wallet (2) the dashboard then creates or updates her idOS data according to her input and (3) reloads Alice’s data from the idOS.
Flow A: Alice grants Bob access to her data by (1) going to a data dashboard, creating an access grant and (2) approving the transaction in her wallet. The Access Management Protocol (smart contract for access control) is (3) updated, which in turn updates the idOS nodes. Bob can now see Alice’s data on a dashboard, and/or get it from a node.
Flow B: Bob can now (1) go to his data dashboard, (2) sign a message in his wallet and (3) see Alice's data that the dashboard dApp retrieved from the idOS (unless Alice revokes the grant or deletes the data before).
Flow A: (1) Alice goes to a dApp and (2) approves the transaction in her wallet to grant the dApp data access. (3) The Access Management Protocol (smart contract for access control) is updated, which in turn updates the idOS nodes. The dApp can now request Alice’s data from an idOS node at any time.
Flow B: The dApp can query the idOS for Alice’s data, idOS nodes authenticate and authorize the dApp and send back (1) Alice’s data (until Alice revokes the grant or deletes the data).