Challenges Integrating a Custom Canister with Internet Identity

ficov12960 · November 28, 2024, 5:54am

Hi everyone,

I’m new to developing on the Internet Computer and recently started working on a custom canister application that requires user authentication via Internet Identity. While I’ve gone through the developer documentation and some forum posts, I’m running into a few challenges that I can’t seem to solve.

Integration Process: I’ve set up the Internet Identity frontend and linked it to my project. However, when trying to authenticate users and link their identity to my application’s backend, I occasionally encounter an error that says “Invalid Principal.” Could this be an issue with how I’ve defined the principal or with the initialization of my canister?
Session Management: Once a user logs in through Internet Identity, how do you recommend securely managing sessions? Is there a standard way to handle session expiration or reauthentication for Internet Identity users in an IC app?
Testing Locally: Testing with Internet Identity on my local setup has been tricky. Are there any best practices or debugging tools to simulate authentication flows effectively?

I’d really appreciate any advice, links to specific examples, or even general tips about working with Internet Identity and canisters. I’m sure I’m missing something obvious, but I want to make sure I’m aligning with best practices for security and functionality.

Thanks in advance for your help, and I’m excited to learn more from this community!

Best regards,

rem.codes · November 28, 2024, 6:27am

Hi @ficov12960 do you have code to share?

This might be helpful documentation https://agent-js.icp.xyz/auth-client/index.html

point 1, where is the error coming from? the frontend or backend? and did you set the identity when you created the actor to do authenticated calls (looking at code would be helpfull in this case)

As for point number 2, if the user is logged in and you use the authClient again, you would still use the identity from the “session”

const authClient = await AuthClient.create(); // fetches the identity from storage if the user is logged in

point number 3, yes its a pain, this is one of the reasons why i personally test everything directly on mainnet, it might be that this has improved but i have no knowledge of this so not the right person to answer this question.

Severin · November 28, 2024, 7:22am

Regarding testing: II offers a dev build (see README) that will always have the same captcha. With that it should be pretty easy to automate. If you don’t need to test the login flow, then just creating a random private key and turning it into an identity would work just fine

Topic		Replies	Views
Issues during local deploy of Internet Identity Developers	8	1100	February 9, 2023
Internet Identity by canisterId instead of url Programs & Applications	13	1489	January 10, 2022
Using internet identity in a script Developers	1	378	October 3, 2021
Internet Identity - Dapp Principal ID Access internet-identity	10	120	October 18, 2024
How can I execute transactions using Internet Identity for canister IDs? internet-identity	0	92	July 3, 2024

Challenges Integrating a Custom Canister with Internet Identity

Related topics