Remote Policy UI
Last updated
Last updated
To create a policy suitable for operating by users via multiple (different) instances of Guardian, at the publishing stage โPublicโ availability type must be selected.
Once such policy is published it can be imported into other Guardian instances via its publishing Message ID.
The import of โexternalโ policies is initiated from the Remote Policies tab in the Policies grid
The original policy Message ID must be specified in the Search dialogue box.
The operation must be approved by the Standard Registry
Imported policy will become accessible from the Remote Policies tab alongside the ordinary policies
To enable users to participate in the remote policy workflow they must be registered on the โhomeโ Guardian of the policy (from which it has been published). Such registration involves importing user profile. Please note that private information, such as private keys, are not exported, imported or accessed in any way.
Profile files can be used to create corresponding Remote Users, which can participate in the policy execution workflow using external (other) Guardian instance as a โconsoleโ without exposing users private keys to any Guardian other than userโs home instance.
Remote policies are used in the same way as those running locally with few differences:
Speed and waiting time
Synchronization of policy execution state between different Guardian instances is performed via Hedera, an update of the policy state on other Guardians can take several minutes.
Publishing actions
When user take actions in their home Guardians there is a time delay associated with the remote Guardian instance processing the action request.
Action request
Processing remote user actions may require user private keys for signatures. These keys never leave usersโ home Guardians, instead the remote Guardian formulates corresponding requests which require user action confirmations in their โhomeโ Guardians.
For the avoidance of doubt, such confirmations to do not pass private keys to the remote Guardian instance. The confirmation is performed locally, remote Guardians receive only the result of the actions (e.g. signed documents etc).