Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

The verification server functions to verify an app user’s identity and track data surrounding a user’s diagnosis including the type of diagnosis, date of COVID test, and date of symptom onset.


A high level overview of the verification server can be found here: https://developers.google.com/android/exposure-notifications/verification-system

Verification Steps

User Verification and Key submission comprises the first 8 steps in the above diagram.

  1. The app user contacts a contact tracer to report a diagnosis or suspicion of COVID-19. The contact Tracer client will make a call to the Verification Server to generate a Verification Code .

  2. The Verification Server will generate a Verification Code and return it to the Contact Tracer client along with a UUID that can be used to check the status of the code and other metadata pertinent to the user’s diagnosis (type of diagnosis, date of COVID test, and date of symptom onset, etc).

  3. The Contact Tracer will communicate the Verification Code to the user.

  4. The user will input the Verification Code into the mobile app. The app will make a call to the Verification Server to validate the Verification Code.

  5. If the Verification Code is valid then the server will return a Long Term Token

  6. The Long Term Token can then be used to request a Verification Certificate

  7. The Verification Server will generate a Verification Certificate containing all of the user’s diagnosis metadata

  8. Using the Verification Certificate the mobile app can publish all of the user’s Exposure Keys to the Exposure Server

The above steps can be distilled down to 3 calls to the Verification Server for verification

  1. A call to generate the Verification Code (/issue)

  2. A call to verify the Verification Code (/verify)

  3. A call to retrieve the Verification certificate (/certificate)

Web Interface

Development URL: https://verify-gaen.extremesolution.com/

Production URL: https://verify.projectaurora.cloud/

Within the Verification Server Web Interface you can,

  • Generate Verification Codes

  • Check on the status of a verification code using its UUID

Furthermore Admin Accounts can

  • Generate Admin and Device API keys

  • Add users to the realm

  • Configure the realm settings

To log in to a realm, an admin must first add you to the user list

APIs

The Verification Server has 2 APIS

  1. An Admin API for Generating Codes

  2. A Device API for Verifying Codes and generating the Verification Certificate

The swagger Specs for both APIs can be found here
Verification Server Swagger Specs

Interfacing with either API will require the appropriate API key which can be generated in the Web Interface. API keys must be included the the request headers for proper authorization.

API URLs

Development Admin API: https://adminapi.gaen.extremesolution.com

Development Device API: https://api.gaen.extremesolution.com

Production Admin API: https://api.verify.projectaurora.cloud

Production Device API: https://adminapi.verify.projectaurora.cloud

Admin API

Route

Description

Example Request Body

Example Response Body

{{base_url}}/api/issue

Generate Verification Code

{
  "testtype": "confirmed",
  "symptomdate": "2020-08-14"
}
{
  "uuid":"d9ca1d62-6305-4c76-89fa-1d7fb0a00f97",
  "code":"39789040",
  "expiresAt":"Fri, 14 Aug 2020 19:11:47 UTC",
  "expiresAtTimestamp":1597432307,
  "error":""
}

Device API

Route

Description

Example Request Body

Example Response Body

{{base_url}}/api/verify

Verify Verification Code

{
  "code": "39789040"
}
{
  "testtype": "confirmed",
  "symptomdate": "2020-08-14",
  "token": "eyJhkGciOiJFUvI1NiIsImtpZBI7InYxIiwidHlwIjoiSldUIn0.eyJhdWQiOiJvcmcucGF0aGNoZWNrLnZlcglmeSIsImV4cCI6MTU5Nzc2NTIzMywianRpIjoiNVoxOTlTUzRKSkxfGTxCSHpVSVBuVzR2ZVoyZ3AwVWxmRFFKSjViY09VK05KZEc4em9SSXJjY05BUWpZcFZmdk0rMzYvV1l5Sk41dUd3VGRzSXpuK1JWRXJRMk1xTncyMkNJSHRuUktSSXBKRzgzYzRoLzE5MkJzMFJvdm1WK0oiLCJpYXQiOjE1OTc2Nzg4MzMsImlzcyI6Im9yZy5wYXRoY2hlY2sudmVyaWZ5Iiwic3ViIjoiY29uZmlybWVkLjIwMjAtMDgtMTQifQ.OkdAddgvXdXJyTEffGrR5DJ326dhhdwtSZzaaCtxw5wZeR8ZCuCRm8oLKz6qVckTXwDzCSy6y3SlKA6Vboz2Fg"
}

{{base_url}}/api/certificate

Generate Verification Certificate

{
  "token": "eyJhkGciOiJFUvI1NiIsImtpZBI7InYxIiwidHlwIjoiSldUIn0.eyJhdWQiOiJvcmcucGF0aGNoZWNrLnZlcglmeSIsImV4cCI6MTU5Nzc2NTIzMywianRpIjoiNVoxOTlTUzRKSkxfGTxCSHpVSVBuVzR2ZVoyZ3AwVWxmRFFKSjViY09VK05KZEc4em9SSXJjY05BUWpZcFZmdk0rMzYvV1l5Sk41dUd3VGRzSXpuK1JWRXJRMk1xTncyMkNJSHRuUktSSXBKRzgzYzRoLzE5MkJzMFJvdm1WK0oiLCJpYXQiOjE1OTc2Nzg4MzMsImlzcyI6Im9yZy5wYXRoY2hlY2sudmVyaWZ5Iiwic3ViIjoiY29uZmlybWVkLjIwMjAtMDgtMTQifQ.OkdAddgvXdXJyTEffGrR5DJ326dhhdwtSZzaaCtxw5wZeR8ZCuCRm8oLKz6qVckTXwDzCSy6y3SlKA6Vboz2Fg",
  "ekeyhmac": "VVCAOU+jR87FYvKO+BqtzKuAFSAs+U9GQNZXyt++8d4="
}
{
  "certificate": "eyJhbGviOiJFOzI1NiIsImtpZCI6InYxIiwidHlwIjoiSldUIn4.eyJhdWQiOiJvcbcucGF0aGNoZWNrLnNlcnZlciIsImV4cCI6VTU5NzY4NjcxOFbiaWF0IjvxNBk3Njg1ODE5LCJdc3FiOiJvcmcucGF0aGBoZWNrLnZlcmlmeSIsIm5iZfI6MTU7NzY4NTgxOCwigmVwb3J0VHlwZSI6ImKvbmZpcm1lZCIsInN5bXB0b21PbnNldEludGVydmFsIjoyNjYyMjcyLCJ0ZWthYWMiOiJYVkNBT1Urcko4N1BZdktPK0JxdHpLdUFPU0FzK1U5R1FNWlh5dCsrOGc0PSJ9.H1EGozRf21yGflqIIDcZO4-v15kmPMRSV8mNLQuFUvMytc_UIGu5cep1u7sANb45dJ96leQf5MjUSW1955Ol-w"
}
  • No labels