Manage data for your organization

In order to store data for your organization on Misakey, you must first follow this guide, after which you should:

  • have created an organization.
  • have generated a secret for your organization.
  • have generated an access token for your organization.

Structure your data

Choose a datatag

Datatags are essential for identifying what the data is about, for your organization, your users, and other organizations. Misakey has created some datatags, but you can ask us to create more of them.

ℹ️ Many features rely on datatags: users will consent to share datatags from other organizations with yours, and vice versa. It is therefore important to use them correctly from the beginning.

The list of possible datatags is available here.

Store data

Create a box for a data subject and datatag

You can create a box and then send data to it.

The endpoint to create a box is documented here.

Since the data inside a box is end-to-end encrypted, there are several ways to share cryptographic materials with other actors.

Boxes have both a public key (for writing) and a secret key (for reading). The public key is stored in the Misakey database, but the secret key is not stored there directly (for end-to-end encryption purposes). This means the secret key must be kept on the client side.

That being said, you can optionally use the key_share field on the box creation endpoint to securely transmit the secret key to the data subject of a box:

Key Share

Key share is the most common way of sharing the box secret with the data subject.

The key share allows you to build an invitation link that you can send to the user. An invitation link is a way to share crypto materials. See the box key shares doc.

  • misakey_share: (string, unpadded URL-safe base64) the misakey share
  • invitation_share_hash: (string, unpadded URL-safe base64) a hash of the other share (invitation share)
  • encrypted_invitation_key_share: (string) the encrypted invitation key share
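
A strict client-side check of the key_share fields listed above before they are sent, as an added example that is not part of the Misakey documentation or code base. Only the three field names and the unpadded URL-safe base64 encoding come from this page; the function names, the sample values, and their byte lengths are assumptions made for illustration.

```python
import base64
import re

# Unpadded URL-safe base64 uses only A-Z a-z 0-9 - _ and never "=".
_B64URL = re.compile(r"[A-Za-z0-9_-]+")


def b64url_encode(raw: bytes) -> str:
    """Encode bytes as unpadded URL-safe base64."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode_strict(text) -> bytes:
    """Decode unpadded URL-safe base64 and reject anything else.

    base64.urlsafe_b64decode() silently skips characters outside the
    alphabet, so the alphabet and the length are checked explicitly here.
    """
    if not isinstance(text, str) or not _B64URL.fullmatch(text):
        raise ValueError("not unpadded URL-safe base64")
    if len(text) % 4 == 1:
        raise ValueError("impossible length for base64 data")
    padded = text + "=" * (-len(text) % 4)
    return base64.b64decode(padded, altchars=b"-_", validate=True)


def check_key_share(key_share: dict) -> list:
    """Return the problems found in a key_share object (empty list if none)."""
    problems = []
    for field in ("misakey_share", "invitation_share_hash"):
        try:
            b64url_decode_strict(key_share.get(field))
        except ValueError as exc:
            problems.append(f"{field}: {exc}")
    encrypted = key_share.get("encrypted_invitation_key_share")
    if not isinstance(encrypted, str) or not encrypted:
        problems.append("encrypted_invitation_key_share: must be a non-empty string")
    return problems


# Constructed sample values (lengths and contents are illustrative only).
SAMPLE_KEY_SHARE = {
    "misakey_share": b64url_encode(bytes(range(32))),
    "invitation_share_hash": b64url_encode(bytes(64)),
    "encrypted_invitation_key_share": "constructed-ciphertext-placeholder",
}
```
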

Send data to the box

After you have created the box, you can send data in many ways to the box:

Plain text is easier to set up at first, but it does not allow large chunks of data to be stored.

Consult data

Search for data for an organization

The first way to look for data in your organization is to list the boxes your organization has access to.

Each box has datatags and data subjects, allowing you to make your queries more precise.

Then, in each box, it is possible to list messages (text or file), which contain encrypted data.

See the list boxes endpoint for organization.

Note that you can first count messages before listing them.

Search for data in a specific box

Data inside a box is registered and retrievable chronologically. See the listing of messages for a given box here.

Note that you can first count messages before listing them.

Remove data

Remove a single message from a box

Whether it is a file or text, a message and the data attached to it can be permanently removed from the system in one command.

You need the id of the message you wish to remove.

See the message deletion endpoint.

Remove a box

The removal of a box guarantees that all the data contained inside it is removed: text, files, all history events...

It is therefore considered a critical operation. Be aware that the members of the box will receive a notification about the box deletion.

See the box deletion endpoint.