graph LR
A[User visits <br/>Partner App] --giD connect--> B(globaliD<br>Auth)
A --giD Web Client--> B
B --> C(Required Verifications)
C --Access Code--> A
graph LR
A[User visits <br/>Partner App] --send to giD--> B(giD<br>Authentication)
B --> C(Required Verifications)
C --Authorization--> A
A --Optional PII Sharing--> D(giD<br>Vault)






sequenceDiagram
Partner->>globaliD_auth: User directed to giD
Note right of globaliD_auth: User verifies info
globaliD_auth-->Partner: Redirect using implicit token
globaliD_auth-->Partner: Redirect using authorization code grant
Partner-->globaliD_auth: Retrieve auth token if used auth code grant
Partner->>globaliD_vault: Optional PII sharing request






graph LR


A(Partner)--gidConnect-->B(globaliD app<br><br>Returns implicit_token or <br>code) 
B --handle response--> A
E --`code` --> C(/v1/auth/token<br><br>used with `code`<br>response type )
C -- token --> A
A --> D(Vault)
D --Encrypted PII-->A






graph LR


A(Partner App)--integrates with-->B(globalid-web-client-launcher) 
B --which calls--> C(globalid-web-client)
C -->D((User Performs Verifications))
D --Auth Code or Token Sent-->A





graph LR
A(Partner App)--integrates with-->B(globalid-connect) 

B -->D((User Performs Verifications))
D --Auth Code or Token Sent-->A




graph LR
A(Partner App)--redirects user-->B(globalid web client) 

B -->D((User registers giD name<br>User Performs Verifications))
D --User redirected to partner<br>Auth Code or Token Sent-->A




graph LR
A(Partner App) --Opened on Desktop--> B(User can use username/password<br>User can trigger globaliD connect )


``` function randomString(length) { var charset = '0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._~' result = ''
while (length > 0) { var bytes = new
Uint8Array(16); var random = window.crypto.getRandomValues(bytes); random.forEach(function(c) { if (length == 0) { return; } if (c < charset.length) { result += charset[c]; length--; } }); } return result; }


<br><br>
```mermaid
graph LR
A(Partner)-->B(Web Client) 
B -- response--> A
A --`code` --> C(/v1/auth/token<br><br>used with `code`<br>response type )
C -- token --> A
A --> D(Vault)
D --Encrypted PII-->A



graph LR
A(Partner)--globaliD Connect-->B(globaliD App) 
B -- response--> A
A --`code` --> C(/v1/auth/token<br><br>used with `code`<br>response type )
C -- token --> A
A --> D(Vault)
D --Encrypted PII-->A



graph LR


A(Partner) --access token<br>id token--> B(globaliD Vault<br><br>/v1/vault/get-encrypted-data)

B --Decrypt Data-->A

A--file_token-->D(globaliD Vault<br><br>/v1/vault/attachment/-file_token-/client)

D --Decrypt File--> A





sequenceDiagram

globaliD auth ->>Partner: get user id_token
globaliD auth->>Partner: get client access token
Partner ->> globaliD Vault: get encrypted data

globaliD Vault->>Partner: encrypted PII