The diagram below describes the standard secure client API flow throughout the application life time:

Open

• The very first action to perform is to authenticate the user with the SecureClient.authenticate() function. To find out wheter authentication has already been performed, one can call SecureClient.isAuthenticated().

• If this is the inital boot of the application (or provisioning has been cleared) then provisioning must be executed with SecureClient.provision(). To find out whether provisioning has already been performed, one can call SecureClient.isProvisioned(). If provisioning needs to be cleared, the SecureClient.clearProvision() should be used.

• Then the application can initialize the client with SecureClient.clientInitialize().

• Then the L3 application needs to verify if key rollout is necessary (depending on its requirements). To do so the SecureClient.syncTime() function call be called to verify when the last key rotation happened. If the key rotation happened too long ago, SecureClient.syncExecute() must be called to perform the rotation.

• Once everything is set and ready, the L3 application can start the monitoring thread by calling the SecureClient.clientStart() function.

• When the application is about to quit, it should call SecureClient.clientTerminate() to gracefully shut down the monitoring service.