Create a Service Account (Identity)

Your Service Accounts are the way to provide access to your blockchain network.

Identities are typically given to applications accessing your blockchain network, though you may have end users there and manage their certificates as a custodian.

By default, Service Accounts are created in your Intermediate Certificate Authority (a container in charge of provisioning and managing your cryptographic materials for authentication and authorization). 

Service Accounts are scoped to a Nodes Environment (you get identities per each network you belong to). 

How to

You can create Service Accounts by going to your Nodes Environment.

Scroll down a little bit and you'll see the list (if you have already created) of Service Accounts.

To create a new account click into New service account and fill the form.

Be sure to store your password somewhere safe as it won't be displayed after you set it.
You will need your password to later enroll and get a certificate to authenticate against the network.

Getting a Network Profile

A Network Profile is a way for a client application (i.e.: a server that consumes the Network) to map its structure (topology, participants, addresses) and also certificates (TLS, authentication). It typically can be a yaml file, but it can also be parsed to json if needed (there are quite some tools for this parse).

Usually, you take that file, load it up as a wallet in your code, and map your private/public key after you enroll the user.

To get the Network Profile just select the network and ledger you'd like to connect to and click the download button.

You can open this file with any text editor and get to know it's structure.

This file doesn't contain authentication data, but rather certs to TLS and the addresses, so even if this is not necessarily confidential data, be sure to keep it safe.

Enroll a Service Account - Get a Certificate

Once you have created a user, you can enroll it to get its certificate. One user may have multiple certificates, but it will need the password to get them, so be sure to keep it in a safe location.

There are quite some ways to enroll a user in Hyperledger Fabric. You can self-enroll your API/server through Fabric's SDK using the Network Profile downloaded before or do it with a one-time tool such as:

Clone this repo (Fabric Helpers) in your local, and follow the instructions.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us