Behind DABL’s one-button authentication

Editor’s note: This post is the second in our series “How to Make the Most of the Daml Application Framework.” Part 1 introduced the fundamentals of Daml/DABL architecture; now Part 2 explains how that architecture simplifies the challenges of user authentication. 

Face it: Unless you’re a hard-core fan of identity and access management, user authentication is a hassle. 

When deploying a new application, there’s a thicket of credential validation and logic you need to chop through for current and new users on the system. 

Even if you’re the person who set up the application in the first place, you don’t have all the permission to manipulate and view that data. And validating user-supplied passwords securely is an unpleasant process, in light of security liability, complexity of the hash store, denial of service concerns and more. 

If you’re creating an SaaS application, is there a faster, more graceful way to onboard users?

After putting a lot of sweat equity into the challenge, we’ve provided Daml developers “the button,” an embeddable widget that lets you implement the whole process seamlessly when deploying to project:DABL. 

A code sample showing the process of log-in with project DABL

This feature was created to address the demands of Digital Asset's own engineering team: We needed the ability to authenticate to DABL as parties of Daml applications, then we thought about how we could make it available to the other developers as well. 

The secret to seamless authentication is the way Daml architecture distinguishes between on- and off-ledger operations. 

A Daml application already requires templates to describe a role-based administrator as well as individual users. All that is left is to do is add some credential validation to get a complete auth story. 

DABL auth makes it easy for you to onboard users to your application while offering them a guarantee that they are the only parties who can manipulate their data. 

This increases the cool factor of authentication, since you now have a bird’s-eye view of who is using your application without compromising security and privacy. 

If you want to get your hands on the button, go to Daml.com, download the SDK, and use projectdabl.com today. Daml is open source and always free to use, and DABL is free to start. You can find a generic React UI with the login widget implemented in this open source repo that is deployable in DABL today.

Please join us virtually on March 26th to discuss how Daml & DABL can help you launch the next great idea. We will show you how you can build and deploy a complete application in the time it takes to host a meetup!