Specify integrated authentication and user onboarding protocols

[indomitableSwan]

Since Lock Keeper does not provide a stand-alone, user-facing application, we want to provide a flexible way for Service Providers to authenticate their users that does not negatively impact security of Lock Keeper functionalities or the user experience.

To that end, we need a technical specification of a system that:

• Supports multiple types of Service Provider logins, including passwordless systems.
• Does not require the user to remember multiple passwords.
• Covers onboarding flows for users, who may or may not be new users of the Service Provider ecosystem.
• Does not negatively impact security of Lock Keeper.

We currently have an internal draft that treats the case of a user who has not previously registered for an account with the Service Provider. A starting point for completion of this epic is translation of this high-level draft to a detailed technical specification.

[jakinyele]

@indomitableSwan For my own clarification, will there be a separate epic for an integrated authentication plan for the remote-client or is that implied by this epic?

[indomitableSwan]

@indomitableSwan For my own clarification, will there be a separate epic for an integrated authentication plan for the remote-client or is that implied by this epic?

This is not applicable for the remote client.