Introduction

This document outlines the design of the Metal Pay Connect (MPC) authentication flow for a secure login system. The system ensures that user authentication and subsequent service requests are processed safely using HMAC signatures and API keys.

Architecture Overview

The architecture consists of several interconnected components that work together to deliver secure authentication and authorization. Key components include:

  1. Frontend
  2. Backend
  3. Metal Pay Connect (MPC) Component

Components

Frontend

  • Functionality:
    • Initializes the authentication process.
    • Renders the MPC component with the generated signature.
  • Role in Authentication:
    • Requests a signature from the backend to initiate the authentication process.
    • Embeds the received signature into the MPC component.

Backend

  • Functionality:
    • Stores the secret key used to generate HMAC signatures.
  • Role in Authentication:
    • Generates HMAC signatures using the secret key and the provided nonce.
    • Sends the generated signature back to the frontend for use in authentication.

Metal Pay Connect (MPC) Component

  • Functionality:
    • Manages secure interactions between the frontend and backend services.
  • Role in Authentication:
    • Validates the token using the provided nonce and domain.
    • Stores and processes the signature for ongoing authentication.
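
The signing and validation roles described above, as an added sketch that is not Metal Pay's own code. It assumes HMAC-SHA256 with hex output over the nonce alone; the names sign_nonce, SignatureValidator, ALLOWED_DOMAINS and the sample key and domains are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample values; a real secret key lives in a secret store on the backend.
SECRET_KEY = b"constructed-demo-secret"
ALLOWED_DOMAINS = {"app.example.com"}  # hypothetical allowlist tied to the API key


def sign_nonce(secret_key, nonce):
    """Backend role: HMAC the nonce with the secret key (SHA-256 and hex are assumed)."""
    return hmac.new(secret_key, nonce.encode("utf-8"), hashlib.sha256).hexdigest()


class SignatureValidator:
    """Validating role: checks the domain, the signature and nonce freshness."""

    def __init__(self, secret_key, allowed_domains):
        self._key = secret_key
        self._domains = allowed_domains
        self._seen_nonces = set()  # in-memory for the demo; use a shared store with expiry

    def validate(self, nonce, signature, domain):
        if domain not in self._domains:
            return False
        expected = sign_nonce(self._key, nonce)
        # compare_digest runs in constant time, so a mismatch leaks no position.
        if not hmac.compare_digest(expected.encode(), signature.encode()):
            return False
        if nonce in self._seen_nonces:
            return False  # a valid signature presented a second time is a replay
        self._seen_nonces.add(nonce)
        return True


def demo():
    validator = SignatureValidator(SECRET_KEY, ALLOWED_DOMAINS)
    nonce = secrets.token_hex(16)        # fresh per authentication attempt
    sig = sign_nonce(SECRET_KEY, nonce)  # backend -> frontend -> MPC component
    return {
        "first_use": validator.validate(nonce, sig, "app.example.com"),
        "replay": validator.validate(nonce, sig, "app.example.com"),
        "wrong_domain": validator.validate(secrets.token_hex(16), sig, "other.example"),
        "wrong_nonce": validator.validate(secrets.token_hex(16), sig, "app.example.com"),
    }


if __name__ == "__main__":
    print(demo())
```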