Sign In Using QR Codes

Authentication Demo

Add HexaEight Authentication using JavaScript to any single-page website or application in less than 5 lines of code.




  • Allow Or Restrict Any Email Address Or Domain
  • Restrict access to Specific Website Or App
  • Encrypt Message To Another HexaEight Session
  • Decrypt Message From Other HexaEight Sessions
  • Save your own Data in encrypted format inside browser local storage and access it across Sessions
  • Use Token-less authorization to access Resource Servers 
<script src="https://cdn.jsdelivr.net/gh/hexaeightteam/session-js-spa-https/hexaeightsession.js"></script>
<script src="https://cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js" ></script>
<script src="https://cdn.jsdelivr.net/gh/hexaeightteam/session-js-spa-https/hexaeightaxios.js"></script>

<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>

Add to Head Tag

Add the above scripts before the closing HEAD tag.
(jQuery is only needed because the code below uses $(document).ready.)

Follow it up by adding the code below inside script tags.

The callback can be used to configure the app after authentication.

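<script>

// Called once authentication completes; configure the app here.
function callback() {

}

const session = new HexaEight();

$(document).ready(async function() {

    // Client ID of this app (truncated in this sample).
    const clientid = "21DEEA59F5.....";

    // URL of the token server.
    const tokenserverurl = "https://tokenserverurl:8443";
    await session.init(clientid, tokenserverurl, callback);
});

</script>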


This completes the process of enabling HexaEight authentication.


Top Eight Security Features Offered By HexaEight Sessions


01.

User Agent Protection

If you clone this site under a different domain name, the login process will fail to complete and will throw an "Unauthorized Client" message.

02.

NO Temporary Email Address

Temporary email addresses are automatically blocked during the login phase by HexaEight Sessions. Users can use their social, work or personal email addresses.

03.

Two Factor Authentication

Built-In Second Factor authentication. Users will need to solve the Encrypted QR Captcha before they are granted access to their HexaEight Session.

04.

True Privacy

HexaEight Session does not use cookies, so you can safely disable all cookies to prevent providers from tracking your information and your browser history.

05.

Data Protection

Data can be stored securely across sessions in the browser local storage using the built-in functions offered by HexaEight Session.

06.

Token-less

Session authorization does not require passing access tokens back and forth, and thus provides maximum security during session communication.

07.

NO Passwords

To provide maximum security to the HexaEight Session, users do not type passwords at the login prompt in the browser.

08.

Key Protection

Client Tokens, a.k.a. asymmetric shared key tokens, are resistant to man-in-the-middle attacks and cannot be used to compromise user accounts.

JavaScript Functions

HexaEight provides the following functions after authentication:

session.EncryptTextMessage(destination,message) allows you to encrypt a message to any destination. The destination can be any email address, Resourceid or domain resource name.

session.DecryptTextMessage(encryptedmessage) allows you to decrypt a message received from any destination. The destination can be another email address, Resourceid or domain resource.

session.ProtectMessage(message) can be used to protect any data message for self-consumption, such as storing it in the browser's local cache for retrieval during subsequent sessions.

session.DecipherMessage(protectedmessage) can be used to unprotect a data message that was encrypted using the ProtectMessage function, either from your current session or from past sessions.

HexaEight Session also provides other common session functions such as:

1. ISAuthenticated : await session.isauthenticated() - This function will help you determine the user's login status.
2. Application Name : await session.Login('FETCH-APPNAME', "") - This session method can be used to fetch the application name.
3. Login Email : await session.Login('FETCH-LOGGED-IN-USER-EMAIL', "") - This session method can be used to fetch the email address of the logged-in user.
4. Message Verification : await session.Login('VERIFY-MESSAGE', encryptedmessage) - This session method can be used to verify the authenticity of any encrypted message.
5. User ID : The GetUserID(clientid,"") method can be used to fetch the user id, which uniquely identifies a user inside an application and can also be used as a userid reference in third-party applications.
6. whois(URL) : The whois function can be used to fetch the resourcename of a destination resource.

There are times when encryption can fail due to failed network requests or other reasons, especially while retrieving a client key for a destination. Keys, once fetched from the token server, are usually stored in the cache for subsequent use. If you find that encryption or decryption is failing for a particular destination or URL but working for others, you can use either of the functions below to clear the stored key so that the same key can be retrieved again.

ClearDestination(destination-email-or-resource-name)
ClearDestinationURL(URL)
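
The clear-and-retry step described above, as an added example (not HexaEight's own code). It assumes EncryptTextMessage and ClearDestination are promise-returning methods on the session object and that a failure appears as a thrown error or an empty result; makeDemoSession is a constructed stand-in so the block runs offline.

```javascript
// Added example, not HexaEight code. Assumed: both calls are promise-returning
// session methods, and failure is a thrown error or an empty result.
async function encryptWithKeyRefresh(session, destination, message) {
  let lastError = "unknown failure";
  for (let attempt = 1; attempt <= 2; attempt++) {
    try {
      const ciphertext = await session.EncryptTextMessage(destination, message);
      if (typeof ciphertext === "string" && ciphertext.length > 0) {
        return { ok: true, ciphertext, attempts: attempt };
      }
      lastError = "empty result";
    } catch (err) {
      lastError = String((err && err.message) || err);
    }
    // After the first failure only, drop this destination's cached key so the
    // retry fetches it again. Other destinations' keys are left untouched.
    if (attempt === 1) await session.ClearDestination(destination);
  }
  // Two failures: report the error. Never fall back to sending plaintext.
  return { ok: false, error: lastError, attempts: 2 };
}

// Constructed stand-in for a session so the example runs offline. It models a
// cache with stale keys for some destinations and a key fetch that can fail.
function makeDemoSession(staleDestinations, unreachable = []) {
  const stale = new Set(staleDestinations);
  const calls = [];
  return {
    calls,
    async EncryptTextMessage(destination, message) {
      calls.push("encrypt:" + destination);
      if (unreachable.includes(destination)) throw new Error("key fetch failed");
      if (stale.has(destination)) throw new Error("stale cached key");
      return "demo-ciphertext(" + destination + "," + message.length + ")";
    },
    async ClearDestination(destination) {
      calls.push("clear:" + destination);
      stale.delete(destination);
    },
  };
}
```

The wrapper retries exactly once, so a destination whose key cannot be fetched at all surfaces as an error to the caller instead of looping.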

HexaEight offers an instance of Axios, a popular JavaScript library, that can make authenticated requests to allow secure and direct communication with resource servers.

To establish secure authenticated communication using this HexaEight Session, the destination resource needs to be registered in this application Realm and should have implemented HexaEight Middleware.

The middleware will internally handle the encryption and decryption of messages between this HexaEight Session and the resource server using HexaEight encryption functions. Similarly the Axios instance inside our HexaEight Session will internally encrypt the information using HexaEight encryption functions and send it to the destination resource. Upon receiving the response, the Axios instance will decrypt the response and return the decrypted information in the response object.

Sample GET Request:
var weatherdata = HexaEightaxios.get("http://localhost:5000/weatherforecast/newyork", {responseType: "text"});

Sample POST Request:
var data = HexaEightaxios({method:"POST", url:"http://localhost:5000/api/fetchcurrentweather", data: blob, responseType: "json"});


Experience our encryption feature by using the form below. Simply input a destination email address or resource along with a text message. Our encryption feature works seamlessly, even for destinations that have not yet registered on our platform. Once the message is encrypted, you can send it to your desired destination using any means of your choice. Your recipient can then log in to one of our demo sites and use the decryption feature to read the message.


Encrypt and Decrypt Messages





Sometimes, we may need to temporarily store sensitive data in the browser's storage and retrieve it in later sessions. To achieve this, we can use the "Protect Message" feature provided by HexaEight Session API. This allows us to store information in the browser's local storage and retrieve it later using the "Decipher Message" function to unprotect the data.


Protect and Decipher Data