Onboarding to Dfns
Last updated
Last updated
Welcome to Dfns! This guide will help you get set up with our industry-leading authentication and clone our sample app to test delegated signing. If you have any questions, don't hesitate to reach out to us in DFNSCare. Thanks!
Go to to create a new org and creates the first Employee in the organization, called the Org Owner.
Org Owner receives an email with a link and a code to register in our system.
Click on the link in the Email and enter the registration code. Here you can see the Org owner and the Org ID.
You will be asked to create your passkey, passkeys eliminate the need for passwords and use your device’s built-in security features, like Face ID, Touch ID, or a PIN.
Last step is to print or save your recovery details in a safe place.
Click Settings in the left nav
This should take you to the Users screen
Add Users to the organization by clicking “New User”. (Note ExternalID is optional)
Employees receive an email and follow the same registration flow.
The Org Owner creates and assigns the necessary permissions to allow users access the parts of the system required for their job responsibilities. For convenience, we've exposed a control on the user list page to give a user all access to the system here:
That said, we strongly encourage implementing the principle of least privilege by setting up your own permissions in the dashboard under Settings=>Permissions:
You can then assign permissions to Users, Service Account, and Applications by clicking the target card in the list to go to the detail page:
Once you register in your Dfns org and invite your Users, the next step is to create a Service Account which you can think of as a machine user.
Navigate to Settings. Service Accounts=>New Service Account.
Name the Service Account, copy in the public key (including begin/end lines like “-----BEGIN PUBLIC KEY-----”) and click “Create”.
This will output a masked JWT one time. Copy it to a secure location before leaving the page.
If you want to implement Delegated Signing in which your customer generates credentials to our API via WebAuthn, continue with these steps:
Create an Application running at localhost:3000.
Go to Org Settings => Applications
Click New Application
Give it a name and specify the following values:
Click Create, then copy the App ID like “ap-2vemp-hl3c9-9j1rgcf9quurph” to paste into your .env file as described below
Clone one of the two demo apps in the SDK & follow the steps in the Readme
Our documentation should have everything you need to get up and running on Dfns! Here's an overview of some of the key sections:
Create a Public / Private Key pair that you will use for API signing from the terminal command. You can use the commands shown below or see our :
At this point, you can make server side API calls by signing requests with your secret key. Please see and specifically .
For a full overview of Delegated Signing, please see the under Advanced Topics.
Populate your .env file based on the (see for the July 2023 EthParis event for a step by step walkthrough)
Overviews of Dfns's
Our page & around authentication to understand our signing requirements in detail
The reference section of all currently supported endpoints and their operations
to learn about how to integrate with Fiat on/offboarding providers
