@iota/is-client

v0.2.3

Published

4 months ago

Javascript client for the IOTA's Integration Services API

Downloads

315

0High
0Medium
0Low

domschiener

iota_ci

iota integration-services identity streams decentralized

IOTA Integration Services Javascript Client

This is the javascript client for easy usability of the Integration Services API.

Prerequisites

A running instance of the Integration Services API

Examples

The following examples will show you the basics of the Integration Services Client. For the most up-to-date examples visit the integration services repository.

Create a Admin Identity

Most examples need authentication by an admin identity. Therefor we create a script in the SSI-Bridge to generate a admin identity for you.

Option 1 (recommended)

Navigate to the ssi-bridge root directory: cd api/ssi-bridge
Run the script: npm run setup-admin-identity
Make sure to copy the created adminIdentity.json to the root of your directory to use it in the examples

Option 2

Run the example-0 script in the client examples

Create an Identity and a Credential

This examples shows how to authenticate the admin identity from the previous example, create a new identity and issue a credential to the newly created identity.

import { IdentityClient, CredentialTypes, UserType, IdentityKeys } from '@iota/is-client';
import { defaultConfig } from './configuration';
import { readFileSync } from 'fs';

async function createIdentityAndCheckVCs() {
  const identity = new IdentityClient(defaultConfig);

  // Recover the admin identity
  const adminIdentity = JSON.parse(readFileSync('./adminIdentity.json').toString()) as IdentityKeys;

  // Authenticate as the admin identity
  await identity.authenticate(adminIdentity.id, adminIdentity.keys.sign.private);

  // Get admin identity data
  const adminIdentityPublic = await identity.find(adminIdentity.id);

  // Get admin identy's VC
  const identityCredential = adminIdentityPublic?.verifiableCredentials?.[0];

  console.log('Identity Credential of Admin', identityCredential);

  // Create identity for user
  const username = 'User-' + Math.ceil(Math.random() * 100000);
  const userIdentity = await identity.create(username);

  console.log('~~~~~~~~~~~~~~~~');
  console.log('Created user identity: ', userIdentity);
  console.log('~~~~~~~~~~~~~~~~');
  // Assign a verifiable credential to the user as rootIdentity.
  // With the BasicIdentityCredential the user is not allowed to issue further credentials
  const userCredential = await identity.createCredential(
    identityCredential,
    userIdentity?.id,
    CredentialTypes.BasicIdentityCredential,
    UserType.Person,
    {
      profession: 'Professor'
    }
  );

  console.log('Created credential: ', userCredential);
  console.log('~~~~~~~~~~~~~~~~');
  // Verify the credential issued
  const verified = await identity.checkCredential(userCredential);

  console.log('Verification result: ', verified);
}

createIdentityAndCheckVCs();

Update Users

In this example a already existing identity is updated. Again in the admin identity from the first example is needed.

import { SearchCriteria, IdentityClient, IdentityKeys } from '@iota/is-client';
import { defaultConfig } from './configuration';
import { readFileSync } from 'fs';

async function searchIdentityAndUpdate() {
  const identity = new IdentityClient(defaultConfig);

  // Recover the admin identity
  const adminIdentity = JSON.parse(readFileSync('./adminIdentity.json').toString()) as IdentityKeys;

  // Authenticate as the admin identity
  await identity.authenticate(adminIdentity.id, adminIdentity.keys.sign.private);

  const username = 'MyUser-' + Math.ceil(Math.random() * 100000);
  const userIdentity = await identity.create(username);

  console.log('~~~~~~~~~~~~~~~~');
  console.log('Created user identity: ', userIdentity);
  console.log('~~~~~~~~~~~~~~~~');

  // Search for identities with username 'User' in it
  const search: SearchCriteria = { username: 'MyUser-' };

  const identities = await identity.search(search);

  console.log('Found the following identities:');
  console.log(JSON.stringify(identities, null, 2));

  if (identities && identities[0]) {
    // Take the latest identity of the searched identities
    const ids = identities.sort((a, b) => {
      // @ts-ignore
      return new Date(a.registrationDate) - new Date(b.registrationDate);
    });

    const userIdentity = ids[ids.length - 1];

    console.log('userIdentiy', userIdentity);

    const newUsername = 'Updated' + userIdentity.username;

    // Update the claim of the identity with a new username
    await identity.update({
      ...userIdentity,
      username: newUsername
    });
    console.log(`Successfully updated identity with id: ${userIdentity?.id}`);
  } else {
    console.log('Could not find identities with given search criteria.');
  }
}

searchIdentityAndUpdate();

Delete Users

This example shows how to delete an identity from the SSI-Bridge.

import { SearchCriteria, IdentityClient, IdentityKeys } from '@iota/is-client';
import { defaultConfig } from './configuration';
import { readFileSync } from 'fs';

async function searchIdentityAndDelete() {
  const identity = new IdentityClient(defaultConfig);

  // Recover the admin identity
  const adminIdentity = JSON.parse(readFileSync('./adminIdentity.json').toString()) as IdentityKeys;

  // Authenticate as the root identity
  await identity.authenticate(adminIdentity.id, adminIdentity.keys.sign.private);

  const username = 'User-' + Math.ceil(Math.random() * 100000);
  const userIdentity = await identity.create(username);

  console.log('Created Identity', userIdentity);

  const yesterday = new Date(new Date().setDate(new Date().getDate() - 1));
  const search: SearchCriteria = { registrationDate: yesterday, username: username };
  // Search for identities that have been created yesterday or later (today)
  const identities = await identity.search(search);

  console.log('Found the following identities', identities);

  if (identities) {
    const erasableIdentities = identities.filter((item) => !item.isServerIdentity);

    if (erasableIdentities.length > 0) {
      // Take the first identities of the searched identities
      const userIdentity = erasableIdentities[0];

      console.log('Removing Identity', userIdentity);

      // Remove the user and also revoke the user's credentials
      await identity.remove(userIdentity.id, true);
      console.log(`Successfully deleted identity with id: ${userIdentity.id}`);

      // Although the user is removed from the bridge the user's identity document can still be retrieved from the tangle
      const recoveredIdentity = await identity.latestDocument(userIdentity.id);
      console.log('Identity document: ', recoveredIdentity);
    }
  } else {
    console.log('Could not find identities with given search criteria.');
  }
}


searchIdentityAndDelete();

Adding Trusted Authorities

This examples shows you how to add a trusted authority. Only credentials issued by a trusted authority are trusted.

import { IdentityClient, CredentialTypes, UserType, IdentityKeys } from '@iota/is-client';
import { defaultConfig } from './configuration';
import { readFileSync } from 'fs';
import { externalDriverCredential1 } from './externalData';

async function trustedAuthorities() {
  const identity = new IdentityClient(defaultConfig);

  // Recover the admin identity
  const adminIdentity = JSON.parse(readFileSync('./adminIdentity.json').toString()) as IdentityKeys;

  // Authenticate as the admin identity
  await identity.authenticate(adminIdentity.id, adminIdentity.keys.sign.private);

  // Create an identity for a driver to issue him a driving license
  const username = 'Driver-' + Math.ceil(Math.random() * 100000);
  const driverIdentity = await identity.create(username);

  //Get root identity to issue an credential for the new driver
  const adminIdentityPublic = await identity.find(adminIdentity.id);
  console.log(`Root identity's id: `, adminIdentityPublic.id);

  // Get root identity's credential to create new credentials
  // @ts-ignore: Object is possibly 'null'.
  const identityCredential = adminIdentityPublic!.verifiableCredentials[0];

  // List all trusted authorities, currently only one authority is trusted for issuing credentials
  const trustedAuthorities = await identity.getTrustedAuthorities();
  console.log('Trusted authorities: ', trustedAuthorities);

  // Assign a verifiable credential to the driver for drive allowance
  const driverCredential = await identity.createCredential(
    identityCredential,
    driverIdentity?.id,
    CredentialTypes.BasicIdentityCredential,
    UserType.Person,
    {
      driveAllowance: true,
      issuanceDate: new Date()
    }
  );

  // Verify the drivers license issued by the local authority.
  // Verification result should be positive
  const verified1 = await identity.checkCredential(driverCredential);
  console.log('Internal drivers license verification: ', verified1);

  // Verify the drivers license issued by an external authority.
  // This drivers license will not be trusted because it was not added as an trusted authority by us.
  const verified2 = await identity.checkCredential(externalDriverCredential1);
  console.log('Driving authority verification: ', verified2);

  // Added the external authority to the trusted authorities.
  // The id of the external authority can be found in the external credential
  const externalTrustedAuthority = externalDriverCredential1.issuer;
  await identity.addTrustedAuthority(externalTrustedAuthority);

  // List all trustedAuthorities, to verify the external authority has been added
  const trustedAuthorities2 = await identity.getTrustedAuthorities();
  console.log('Trusted authorities: ', trustedAuthorities2);

  // Verify the drivers license issued by the local authority again
  // Verification result should be true again
  const verified4 = await identity.checkCredential(driverCredential);
  console.log('Internal drivers license verification: ', verified4);

  // Verify the drivers license issued by an external authority.
  // This time the verification result should be positive
  const verified5 = await identity.checkCredential(externalDriverCredential1);
  console.log('Driving authority verification: ', verified5);

  // Remove the external authority again, just for repeatability
  await identity.removeTrustedAuthority(externalTrustedAuthority);
}

trustedAuthorities();

Create a Channel

This examples shows you how to create a channel and write data to the created channel.


import { IdentityClient, ChannelClient } from '@iota/is-client';

import { defaultConfig } from './configuration';

const channel = new ChannelClient(defaultConfig);
const identity = new IdentityClient(defaultConfig);

async function createChannel() {
  // Create a new user. The user is used for authentication only.
  const username = 'User-' + Math.ceil(Math.random() * 100000);
  const user = await identity.create(username);

  console.log('User', user);

  // Authenticate as the user
  await channel.authenticate(user.id, user.keys.sign.private);

  // Create a new channel for example data
  const logChannel = await channel.create({
    name: `Channel-${Math.ceil(Math.random() * 100000)}`,
    topics: [{ type: 'example-data', source: 'data-creator' }]
  });

  console.log('Log Channel', logChannel);

  // The channel address is used to read and write to channels
  const channelAddress = logChannel.channelAddress;
  console.log(`Channel address: ${channelAddress}`);

  // Writing 5 data packets to channel
  for (let i = 1; i <= 5; i++) {
    console.log(`Writing channel data ${i}`);
    await channel.write(channelAddress, {
      type: 'log',
      created: new Date().toISOString(),
      payload: {
        log: `This is log file #${i}`
      }
    });
  }

  // Reading channel
  const channelData = await channel.read(channelAddress);
  console.log('Read from channel:');
  channelData.forEach((data) => {
    console.log(data.log);
  });
}

createChannel();

Authorize to Channel

This example shows you how to authorize other identities to read and write to a newly created channel.

import { AccessRights, IdentityClient, ChannelClient } from '@iota/is-client';

import { defaultConfig } from './configuration';

// In this example we will use two instances of the ChannelClient() both will authenticate a different user.
const ownerClient = new ChannelClient(defaultConfig);
const userClient = new ChannelClient(defaultConfig);
const identity = new IdentityClient(defaultConfig);

async function authorizeOthersToChannel() {
  // Creating a channel owner who creates the channel and a channel user who will be authorized to read the channel
  console.log('Creating user...');
  const ownerUsername = 'Owner-' + Math.ceil(Math.random() * 100000);
  const subscriberUsername = 'Subscriber-' + Math.ceil(Math.random() * 100000);
  const channelOwner = await identity.create(ownerUsername);
  const channelUser = await identity.create(subscriberUsername);

  // We will use two instances of the channel api client. One is getting authorized by the owner and the other one by the user.
  await ownerClient.authenticate(channelOwner.id, channelOwner.keys.sign.private);
  await userClient.authenticate(channelUser.id, channelUser.keys.sign.private);

  // The owner creates a channel where he/she want to publish data of type 'example-data'.
  const { channelAddress } = await ownerClient.create({
    name: `Channel-${Math.ceil(Math.random() * 100000)}`,
    topics: [{ type: 'example-data', source: 'example-creator' }]
  });

  console.log('Writing to channel...');
  // Writing data to the channel as the channel owner.
  await ownerClient.write(channelAddress, {
    payload: { log: `This is log file 1` }
  });

  // This attempt to read the channel will fail because the channel user is no authorized to read the channel.
  try {
    const channelData = await userClient.read(channelAddress);
  } catch (error: any) {
    console.error('Error: ', error?.response?.data?.error);
  }

  // Request subscription to the channel as the user. The returned subscriptionLink can be used to authorize the user to the channel.
  const { subscriptionLink } = await userClient.requestSubscription(channelAddress, {
    accessRights: AccessRights.ReadAndWrite
  });

  console.log('Subscription Link:', subscriptionLink);

  // Find subscriptions to the channel that are not already authorized.
  const subscriptions = await ownerClient.findAllSubscriptions(channelAddress, false);

  console.log('Subscriptions Found:', subscriptions);

  const unauthorizedSubscriptions = subscriptions.filter(
    (subscription) => !subscription.isAuthorized
  );

  console.log('Unauthorized subscriptions:', unauthorizedSubscriptions);

  for (const subscription of unauthorizedSubscriptions) {
    console.log(`Authorizing subscription: ${subscription.id}...`);
    // Authorize the user to the channel. Authorization can happen via the id of the user or the generated subscription link.
    const keyloadLink = await ownerClient.authorizeSubscription(channelAddress, {
      id: channelUser.id
    });
    console.log('Subscription Keyload Link:', keyloadLink);
  }

  // Writing data to channel as the channel owner. Make sure to authorize potential channel readers beforehand.
  console.log('Writing to channel...');
  await ownerClient.write(channelAddress, {
    payload: { log: `This is log file 2` }
  });

  // Reading the channel as the user
  console.log('reading as subscriber...');
  const channelData = await userClient.read(channelAddress);
  console.log('First channel data log: ', channelData?.[0]?.log?.payload);
}

authorizeOthersToChannel();

Search Channels and Verify Data

This example shows you how to search for channels and verify that data has not been tampered with.

import { IdentityClient, ChannelClient } from '@iota/is-client';

import { defaultConfig } from './configuration';

// In this example we will use two instances of the ChannelClient() both will authenticate a different user.
const ownerClient = new ChannelClient(defaultConfig);
const userClient = new ChannelClient(defaultConfig);
const identity = new IdentityClient(defaultConfig);

async function searchChannelAndValidateData() {
  // Creating a channel owner who creates the channel and a channel user who will be authorized to read the channel
  console.log('Creating user...');
  const ownerUsername = 'Owner-' + Math.ceil(Math.random() * 100000);
  const subscriberUsername = 'Subscriber-' + Math.ceil(Math.random() * 100000);
  const channelOwner = await identity.create(ownerUsername);
  const channelUser = await identity.create(subscriberUsername);

  // We will use two instances of the channel api client. One is getting authorized by the owner and the other one by the user.
  await ownerClient.authenticate(channelOwner.id, channelOwner.keys.sign.private);
  await userClient.authenticate(channelUser.id, channelUser.keys.sign.private);

  // The owner creates a channel where he/she want to publish data of type 'example-data'.
  const { channelAddress } = await ownerClient.create({
    name: `Channel-${Math.ceil(Math.random() * 100000)}`,
    topics: [{ type: 'example-data', source: 'example-creator' }]
  });

  // Search for channels that where created since midnight with topic type 'example-data' and with specified authorId.
  // Just passing in new Date() to 'created' will never yield results since it selects only channels that where create
  // later or equal to the specified date
  const today = new Date();
  today.setHours(0, 0, 0, 0);
  const channels = await userClient.search({
    authorId: channelOwner.id,
    topicType: 'example-data',
    created: today
  });

  if (channels.length == 0) {
    console.error('Could not find any channels matching the search criteria.');
    return;
  }

  // Request subscription to the first channel
  const { subscriptionLink } = await userClient.requestSubscription(channels[0].channelAddress);

  // Authorize subscription by subscription link
  await ownerClient.authorizeSubscription(channelAddress, { subscriptionLink });

  // Writing data to the channel as the channel owner.
  await ownerClient.write(channelAddress, {
    payload: { log: `This is log file 1` }
  });

  // Read data from channel as the user
  const results = await userClient.read(channelAddress);

  console.log('Read data: ', JSON.stringify(results, null, 4));

  // Validate data read from the channel. This validation will pass since the data is freshly read from the tangle an was not manipulated
  const validationResult = await userClient.validate(channelAddress, results);

  console.log('Validation result: ', validationResult);

  // Manipulate the data
  const tamperedResult = { log: 'This log is not the original' };
  results[0].log.payload = tamperedResult;

  // Now try to validate the manipulated data
  const validationResult2 = await userClient.validate(channelAddress, results);

  // If the validation fails like in this case the original data is included in the validation result
  console.log(
    'Validation result with manipulated data: ',
    JSON.stringify(validationResult2, null, 4)
  );
}

searchChannelAndValidateData();

API Documentation

Enumeration: AccessRights

Enumeration Members

Audit

• Audit = "Audit"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/schemas/subscription.d.ts:6

Read

• Read = "Read"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/schemas/subscription.d.ts:7

ReadAndWrite

• ReadAndWrite = "ReadAndWrite"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/schemas/subscription.d.ts:9

Write

• Write = "Write"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/schemas/subscription.d.ts:8

Enumeration: ApiVersion

Enumeration Members

v0_1

• v0_1 = "v0.1"

Defined in

src/models/apiVersion.ts:2

v0_2

• v0_2 = "v0.2"

Defined in

src/models/apiVersion.ts:3

Enumeration: CredentialTypes

Enumeration Members

BasicIdentityCredential

• BasicIdentityCredential = "BasicIdentityCredential"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/verification.d.ts:8

VerifiedIdentityCredential

• VerifiedIdentityCredential = "VerifiedIdentityCredential"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/verification.d.ts:7

Enumeration: UserType

Enumeration Members

Device

• Device = "Device"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/user.d.ts:18

Organization

• Organization = "Organization"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/user.d.ts:15

Person

• Person = "Person"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/user.d.ts:17

Product

• Product = "Product"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/user.d.ts:19

Service

• Service = "Service"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/user.d.ts:16

Unknown

• Unknown = "Unknown"

Defined in

node_modules/@iota/is-shared-modules/lib/web/models/types/user.d.ts:20

Class: ChannelClient

Hierarchy

BaseClient
↳ ChannelClient

Constructors

constructor

Properties

Methods

Constructors

constructor

• new ChannelClient(config)

Parameters

Overrides

BaseClient.constructor

Properties

apiKey

• apiKey: string

Inherited from

BaseClient.apiKey

Defined in

src/clients/base.ts:13

apiVersionAuditTrail

• apiVersionAuditTrail: string

Inherited from

BaseClient.apiVersionAuditTrail

Defined in

src/clients/base.ts:18

apiVersionSsiBridge

• apiVersionSsiBridge: string

Inherited from

BaseClient.apiVersionSsiBridge

Defined in

src/clients/base.ts:19

auditTrailUrl

• Optional auditTrailUrl: string

Inherited from

BaseClient.auditTrailUrl

Defined in

src/clients/base.ts:16

baseUrl

• Private baseUrl: string

Defined in

src/clients/channel.ts:24

instance

• instance: AxiosInstance

Inherited from

BaseClient.instance

Defined in

src/clients/base.ts:21

isGatewayUrl

• isGatewayUrl: string

Inherited from

BaseClient.isGatewayUrl

Defined in

src/clients/base.ts:14

jwtToken

• Optional jwtToken: string

Inherited from

BaseClient.jwtToken

Defined in

src/clients/base.ts:20

ssiBridgeUrl

• Optional ssiBridgeUrl: string

Inherited from

BaseClient.ssiBridgeUrl

Defined in

src/clients/base.ts:17

useGatewayUrl

• Optional useGatewayUrl: boolean

Inherited from

BaseClient.useGatewayUrl

Defined in

src/clients/base.ts:15

Methods

add

▸ add(channel): Promise<null>

Add an existing channel into the database. Clients are able to add existing channels into the database so others can subscribe to them. This will be automatically called when a channel will be created.

Parameters

| Name | Type | | :------ | :------ | | channel | Object | | channel.authorId | string | | channel.channelAddress | string | | channel.created | undefined | string | | channel.description | undefined | string | | channel.hidden | undefined | boolean | | channel.latestMessage | undefined | string | | channel.name | string | | channel.requestedSubscriptionIds | undefined | StaticArray<TString> | | channel.subscriberIds | undefined | StaticArray<TString> | | channel.topics | StaticArray<TObject<{ source: TString ; type: TString }>> | | channel.type | undefined | ChannelType | | channel.visibilityList | undefined | StaticArray<TObject<{ id: TString }>> |

Returns

Promise<null>

addSubscription

▸ addSubscription(channelAddress, id, subscription): Promise<{ accessRights: AccessRights ; channelAddress: string ; id: string ; isAuthorized: boolean ; keyloadLink: undefined | string ; pskId: undefined | string ; publicKey: undefined | string ; sequenceLink: undefined | string ; state: string ; subscriptionLink: undefined | string ; type: SubscriptionType }>

Adds an existing subscription (e.g. the subscription was not created with the api but locally.)

Parameters

Returns

Promise<{ accessRights: AccessRights ; channelAddress: string ; id: string ; isAuthorized: boolean ; keyloadLink: undefined | string ; pskId: undefined | string ; publicKey: undefined | string ; sequenceLink: undefined | string ; state: string ; subscriptionLink: undefined | string ; type: SubscriptionType }>

authenticate

▸ authenticate(id, secretKey): Promise<void>

Authenticates the user to the api for requests where authentication is needed

Parameters

Returns

Promise<void>

Inherited from

BaseClient.authenticate

authorizeSubscription

▸ authorizeSubscription(channelAddress, subscriptionIdentifier): Promise<{ keyloadLink: string }>

Authorize a subscription to a channel with DID or subscription link. The author of a channel can authorize a subscriber to read/write from a channel. Eventually after verifying its identity (using the SSI Bridge).

Parameters

Returns

Promise<{ keyloadLink: string }>

keyloadLink

buildUrls

▸ buildUrls(useGatewayUrl?, ssiBridgeUrl?, auditTrailUrl?, apiVersionAuditTrail?, apiVersionSsiBridge?): void

Parameters

Returns

void

Inherited from

BaseClient.buildUrls

create

▸ create(data): Promise<{ channelAddress: string ; presharedKey: undefined | string ; seed: undefined | string }>

Create a new channel. An author can create a new channel with specific topics where other clients can subscribe to.

Parameters

| Name | Type | | :------ | :------ | | data | Object | | data.description | undefined | string | | data.hasPresharedKey | undefined | boolean | | data.hidden | undefined | boolean | | data.name | undefined | string | | data.presharedKey | undefined | string | | data.seed | undefined | string | | data.topics | StaticArray<TObject<{ source: TString ; type: TString }>> | | data.type | undefined | ChannelType | | data.visibilityList | undefined | StaticArray<TObject<{ id: TString }>> |

Returns

Promise<{ channelAddress: string ; presharedKey: undefined | string ; seed: undefined | string }>

delete

▸ delete(url, params?): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | params | any |

Returns

Promise<any>

Inherited from

BaseClient.delete

findAllSubscriptions

▸ findAllSubscriptions(channelAddress, isAuthorized?): Promise<{ accessRights: AccessRights ; channelAddress: string ; id: string ; isAuthorized: boolean ; keyloadLink: undefined | string ; pskId: undefined | string ; publicKey: undefined | string ; sequenceLink: undefined | string ; state: string ; subscriptionLink: undefined | string ; type: SubscriptionType }[]>

Get all subscriptions of a channel. Use the is-authorized query parameter to filter for authorized subscriptions.

Parameters

Returns

findSubscription

▸ findSubscription(channelAddress, id): Promise<{ accessRights: AccessRights ; channelAddress: string ; id: string ; isAuthorized: boolean ; keyloadLink: undefined | string ; pskId: undefined | string ; publicKey: undefined | string ; sequenceLink: undefined | string ; state: string ; subscriptionLink: undefined | string ; type: SubscriptionType }>

Get a subscription of a channel by identity id.

Parameters

Returns

get

▸ get(url, params?, data?): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | params | any | | data | any |

Returns

Promise<any>

Inherited from

BaseClient.get

getHexEncodedKey

▸ getHexEncodedKey(base58Key): string

Parameters

Returns

string

Inherited from

BaseClient.getHexEncodedKey

hashNonce

▸ hashNonce(nonce): string

Parameters

Returns

string

Inherited from

BaseClient.hashNonce

info

▸ info(address): Promise<{ authorId: string ; channelAddress: string ; created: undefined | string ; description: undefined | string ; hidden: undefined | boolean ; latestMessage: undefined | string ; name: string ; requestedSubscriptionIds: undefined | StaticArray<TString> ; subscriberIds: undefined | StaticArray<TString> ; topics: StaticArray<TObject<{ source: TString ; type: TString }>> ; type: undefined | ChannelType ; visibilityList: undefined | StaticArray<TObject<{ id: TString }>> }>

Get information about a channel with address channel-address.

Parameters

Returns

Promise<{ authorId: string ; channelAddress: string ; created: undefined | string ; description: undefined | string ; hidden: undefined | boolean ; latestMessage: undefined | string ; name: string ; requestedSubscriptionIds: undefined | StaticArray<TString> ; subscriberIds: undefined | StaticArray<TString> ; topics: StaticArray<TObject<{ source: TString ; type: TString }>> ; type: undefined | ChannelType ; visibilityList: undefined | StaticArray<TObject<{ id: TString }>> }>

post

▸ post(url, data): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | data | any |

Returns

Promise<any>

Inherited from

BaseClient.post

put

▸ put(url, data): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | data | any |

Returns

Promise<any>

Inherited from

BaseClient.put

read

▸ read(channelAddress, channelOptions?): Promise<{ imported: undefined | string ; link: string ; log: { type?: string | undefined; created?: string | undefined; metadata?: any; publicPayload?: any; payload?: any; } ; messageId: undefined | string ; source: undefined | { id?: string | undefined; publicKey?: string | undefined; } }[]>

Get data from the channel with address channel address. The first possible message a subscriber can receive is the time the subscription got approved all messages before are not received. Read permission is mandatory.

Parameters

Returns

Promise<{ imported: undefined | string ; link: string ; log: { type?: string | undefined; created?: string | undefined; metadata?: any; publicPayload?: any; payload?: any; } ; messageId: undefined | string ; source: undefined | { id?: string | undefined; publicKey?: string | undefined; } }[]>

readHistory

▸ readHistory(channelAddress, presharedKey, type?): Promise<{ imported: undefined | string ; link: string ; log: { type?: string | undefined; created?: string | undefined; metadata?: any; publicPayload?: any; payload?: any; } ; messageId: undefined | string ; source: undefined | { id?: string | undefined; publicKey?: string | undefined; } }[]>

Get all data of a channel using a shared key (in case of encrypted channels). Mainly used from auditors to evaluate a log stream.

Parameters

Returns

reimport

▸ reimport(address, data): Promise<null>

The user can decide to re-import the data from the Tangle into the database. A reason for it could be a malicious state of the data.

Parameters

Returns

Promise<null>

remove

▸ remove(address): Promise<null>

Delete information of a channel with address channel-address. The author of a channel can delete its entry in the database. In this case all subscriptions will be deleted and the channel won’t be found in the system anymore. The data & channel won’t be deleted from the IOTA Tangle since its data is immutable on the tangle!

Parameters

Returns

Promise<null>

removeSubscription

▸ removeSubscription(channelAddress, id): Promise<null>

Deletes an existing subscription.

Parameters

Returns

Promise<null>

requestSubscription

▸ requestSubscription(channelAddress, options?): Promise<{ seed: string ; subscriptionLink: string }>

Request subscription to a channel with address channel-address. A client can request a subscription to a channel which it then is able to read/write from.

Parameters

Returns

Promise<{ seed: string ; subscriptionLink: string }>

revokeSubscription

▸ revokeSubscription(channelAddress, subscriptionIdentifier): Promise<null>

Revoke subscription to a channel. Only the author of a channel can revoke a subscription from a channel.

Parameters

Returns

Promise<null>

search

▸ search(searchCriteria): Promise<{ authorId: string ; channelAddress: string ; created: undefined | string ; description: undefined | string ; hidden: undefined | boolean ; latestMessage: undefined | string ; name: string ; requestedSubscriptionIds: undefined | StaticArray<TString> ; subscriberIds: undefined | StaticArray<TString> ; topics: StaticArray<TObject<{ source: TString ; type: TString }>> ; type: undefined | ChannelType ; visibilityList: undefined | StaticArray<TObject<{ id: TString }>> }[]>

Search for a channel. A client can search for a channel which it is interested in.

Parameters

Returns

signNonce

▸ signNonce(privateKey, nonce): Promise<string>

Parameters

Returns

Promise<string>

Inherited from

BaseClient.signNonce

update

▸ update(channel): Promise<null>

Update channel information. The author of a channel can update topics of a channel.

Parameters

Returns

Promise<null>

updateSubscription

▸ updateSubscription(channelAddress, id, updatedSubscription): Promise<null>

Updates an existing subscription.

Parameters

Returns

Promise<null>

validate

▸ validate(address, data): Promise<StaticArray<TObject<{ error: TOptional<TString> ; isValid: TBoolean ; link: TString ; tangleLog: TOptional<TAny> }>>>

Validates channel data by comparing the log of each link with the data on the tangle.

Parameters

| Name | Type | | :------ | :------ | | address | string | | data | StaticArray<TObject<{ imported: TOptional<TString> ; link: TString ; log: TObject<{ created: TOptional<TString> ; metadata: TOptional<TAny> ; payload: TOptional<TAny> ; publicPayload: TOptional<TAny> ; type: TOptional<TString> }> ; messageId: TOptional<TString> ; source: TOptional<TObject<{ id: TOptional<TString> ; publicKey: TOptional<TString> }>> }>> |

Returns

Promise<StaticArray<TObject<{ error: TOptional<TString> ; isValid: TBoolean ; link: TString ; tangleLog: TOptional<TAny> }>>>

write

▸ write(address, data): Promise<{ imported: undefined | string ; link: string ; log: { type?: string | undefined; created?: string | undefined; metadata?: any; publicPayload?: any; payload?: any; } ; messageId: undefined | string ; source: undefined | { id?: string | undefined; publicKey?: string | undefined; } }>

Write data to a channel with address channel address. Write permission is mandatory. The type and metadata fields are not encrypted to have a possibility to search for events. The payload is stored encrypted for encrypted channels.

Parameters

Returns

Class: IdentityClient

Hierarchy

BaseClient
↳ IdentityClient

Constructors

constructor

Properties

Methods

Constructors

constructor

• new IdentityClient(config)

Parameters

Overrides

BaseClient.constructor

Properties

apiKey

• apiKey: string

Inherited from

BaseClient.apiKey

Defined in

src/clients/base.ts:13

apiVersionAuditTrail

• apiVersionAuditTrail: string

Inherited from

BaseClient.apiVersionAuditTrail

Defined in

src/clients/base.ts:18

apiVersionSsiBridge

• apiVersionSsiBridge: string

Inherited from

BaseClient.apiVersionSsiBridge

Defined in

src/clients/base.ts:19

auditTrailUrl

• Optional auditTrailUrl: string

Inherited from

BaseClient.auditTrailUrl

Defined in

src/clients/base.ts:16

baseUrl

• Private baseUrl: string

Defined in

src/clients/identity.ts:18

instance

• instance: AxiosInstance

Inherited from

BaseClient.instance

Defined in

src/clients/base.ts:21

isGatewayUrl

• isGatewayUrl: string

Inherited from

BaseClient.isGatewayUrl

Defined in

src/clients/base.ts:14

jwtToken

• Optional jwtToken: string

Inherited from

BaseClient.jwtToken

Defined in

src/clients/base.ts:20

ssiBridgeUrl

• Optional ssiBridgeUrl: string

Inherited from

BaseClient.ssiBridgeUrl

Defined in

src/clients/base.ts:17

useGatewayUrl

• Optional useGatewayUrl: boolean

Inherited from

BaseClient.useGatewayUrl

Defined in

src/clients/base.ts:15

Methods

add

▸ add(identity): Promise<null>

Register an existing identity into the Bridge. This can be used if the identity already exists or it was only created locally. Registering an identity in the Bridge makes it possible to search for it by using some of the identity attributes, i.e., the username.

Parameters

| Name | Type | | :------ | :------ | | identity | Object | | identity.claim | undefined | { type: string; } | | identity.creator | undefined | string | | identity.hidden | undefined | boolean | | identity.id | string | | identity.isServerIdentity | undefined | boolean | | identity.registrationDate | undefined | string | | identity.role | undefined | string | | identity.username | string | | identity.verifiableCredentials | undefined | StaticArray<TObject<{ @context: TString ; credentialStatus: TOptional<TObject<{ id: TString ; revocationBitmapIndex: TString ; type: TString }>> ; credentialSubject: TObject<{ id: TString ; initiator: TOptional<TString> ; type: TString }> ; id: TString ; issuanceDate: TString ; issuer: TString ; proof: TObject<{ signatureValue: TString ; type: TString ; verificationMethod: TString }> ; type: TArray<TString> }>> |

Returns

Promise<null>

addTrustedAuthority

▸ addTrustedAuthority(trustedRootId): Promise<null>

Adds Trusted Root identity identifiers (DIDs). Trusted roots are DIDs of identities which are trusted by the Bridge. This identity DIDs can be DIDs of other organizations. By adding them to the list Trusted Roots their Verifiable Credentials (VCs) are automatically trusted when checking at the Bridge.

Parameters

Returns

Promise<null>

authenticate

▸ authenticate(id, secretKey): Promise<void>

Authenticates the user to the api for requests where authentication is needed

Parameters

Returns

Promise<void>

Inherited from

BaseClient.authenticate

buildUrls

▸ buildUrls(useGatewayUrl?, ssiBridgeUrl?, auditTrailUrl?, apiVersionAuditTrail?, apiVersionSsiBridge?): void

Parameters

Returns

void

Inherited from

BaseClient.buildUrls

checkCredential

▸ checkCredential(credential): Promise<{ isVerified: boolean }>

Check the verifiable credential of an identity. Validates the signed verifiable credential against the Issuer information stored onto the IOTA Tangle and checks if the issuer identity (DID) contained in the credential is from a trusted root.

Parameters

| Name | Type | | :------ | :------ | | credential | Object | | credential.@context | string | | credential.credentialStatus | undefined | { id: string; type: string; revocationBitmapIndex: string; } | | credential.credentialSubject | { initiator?: string | undefined; id: string; type: string; } | | credential.id | string | | credential.issuanceDate | string | | credential.issuer | string | | credential.proof | { type: string; verificationMethod: string; signatureValue: string; } | | credential.type | StaticArray<TString> |

Returns

Promise<{ isVerified: boolean }>

create

▸ create(username?, claimType?, claim?, hidden?): Promise<{ id: string ; keys: { encrypt?: { type: string; public: string; private: string; encoding: Encoding; } | undefined; sign: { type: string; public: string; private: string; encoding: Encoding; }; } }>

Create a new decentralized digital identity (DID). Identity DID document is signed and published to the ledger (IOTA Tangle). A digital identity can represent an individual, an organization or an object. The privateAuthKey controlling the identity is returned. It is recommended to securely (encrypt) store the privateAuthKey locally, since it is not stored on the APIs Bridge.

Parameters

Returns

Promise<{ id: string ; keys: { encrypt?: { type: string; public: string; private: string; encoding: Encoding; } | undefined; sign: { type: string; public: string; private: string; encoding: Encoding; }; } }>

createCredential

▸ createCredential(initiatorVC, targetDid, credentialType, claimType, claim?): Promise<{ @context: string ; credentialStatus: undefined | { id: string; type: string; revocationBitmapIndex: string; } ; credentialSubject: { initiator?: string | undefined; id: string; type: string; } ; id: string ; issuanceDate: string ; issuer: string ; proof: { type: string; verificationMethod: string; signatureValue: string; } ; type: StaticArray<TString> }>

Verify the authenticity of an identity (of an individual, organization or object) and issue a credential stating the identity verification status. Only previously verified identities (based on a network of trust) with assigned privileges can verify other identities. Having a verified identity provides the opportunity for other identities to identify and verify a the entity they interact to.

Parameters

| Name | Type | | :------ | :------ | | initiatorVC | undefined | { @context: string ; credentialStatus: undefined | { id: string; type: string; revocationBitmapIndex: string; } ; credentialSubject: { initiator?: string | undefined; id: string; type: string; } ; id: string ; issuanceDate: string ; issuer: string ; proof: { type: string; verificationMethod: string; signatureValue: string; } ; type: StaticArray<TString> } | | targetDid | string | | credentialType | string | | claimType | UserType | | claim? | any |

Returns

Promise<{ @context: string ; credentialStatus: undefined | { id: string; type: string; revocationBitmapIndex: string; } ; credentialSubject: { initiator?: string | undefined; id: string; type: string; } ; id: string ; issuanceDate: string ; issuer: string ; proof: { type: string; verificationMethod: string; signatureValue: string; } ; type: StaticArray<TString> }>

delete

▸ delete(url, params?): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | params | any |

Returns

Promise<any>

Inherited from

BaseClient.delete

find

▸ find(id): Promise<{ claim: undefined | { type: string; } ; creator: undefined | string ; hidden: undefined | boolean ; id: string ; isServerIdentity: undefined | boolean ; registrationDate: undefined | string ; role: undefined | string ; username: string ; verifiableCredentials: undefined | StaticArray<TObject<{ @context: TString ; credentialStatus: TOptional<TObject<{ id: TString ; revocationBitmapIndex: TString ; type: TString }>> ; credentialSubject: TObject<{ id: TString ; initiator: TOptional<TString> ; type: TString }> ; id: TString ; issuanceDate: TString ; issuer: TString ; proof: TObject<{ signatureValue: TString ; type: TString ; verificationMethod: TString }> ; type: TArray<TString> }>> }>

Get information (including attached credentials) about a specific identity using the identity-id (DID identifier).

Parameters

| Name | Type | | :------ | :------ | | id | string |

Returns

Promise<{ claim: undefined | { type: string; } ; creator: undefined | string ; hidden: undefined | boolean ; id: string ; isServerIdentity: undefined | boolean ; registrationDate: undefined | string ; role: undefined | string ; username: string ; verifiableCredentials: undefined | StaticArray<TObject<{ @context: TString ; credentialStatus: TOptional<TObject<{ id: TString ; revocationBitmapIndex: TString ; type: TString }>> ; credentialSubject: TObject<{ id: TString ; initiator: TOptional<TString> ; type: TString }> ; id: TString ; issuanceDate: TString ; issuer: TString ; proof: TObject<{ signatureValue: TString ; type: TString ; verificationMethod: TString }> ; type: TArray<TString> }>> }>

get

▸ get(url, params?, data?): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | params | any | | data | any |

Returns

Promise<any>

Inherited from

BaseClient.get

getHexEncodedKey

▸ getHexEncodedKey(base58Key): string

Parameters

Returns

string

Inherited from

BaseClient.getHexEncodedKey

getTrustedAuthorities

▸ getTrustedAuthorities(): Promise<string[]>

Returns a list of Trusted Root identity identifiers (DIDs). Trusted roots are DIDs of identities which are trusted by the Bridge. This identity DIDs can be DIDs of other organizations. By adding them to the list Trusted Roots their Verifiable Credentials (VCs) are automatically trusted when checking at the Bridge.

Returns

Promise<string[]>

hashNonce

▸ hashNonce(nonce): string

Parameters

Returns

string

Inherited from

BaseClient.hashNonce

latestDocument

▸ latestDocument(id): Promise<{ document: { doc: { service?: StaticArray<TObject<{ id: TString; type: TString; serviceEndpoint: TString; }>> | undefined; id: string; capabilityInvocation: StaticArray<...>; } ; integrationMessageId: undefined | string ; meta: { previousMessageId?: string | undefined; created: string; updated: string; } ; proof: { type: string; verificationMethod: string; signatureValue: string; } } ; messageId: string }>

Get the latest version of an identity document (DID) from the IOTA Tangle.

Parameters

| Name | Type | | :------ | :------ | | id | string |

Returns

Promise<{ document: { doc: { service?: StaticArray<TObject<{ id: TString; type: TString; serviceEndpoint: TString; }>> | undefined; id: string; capabilityInvocation: StaticArray<...>; } ; integrationMessageId: undefined | string ; meta: { previousMessageId?: string | undefined; created: string; updated: string; } ; proof: { type: string; verificationMethod: string; signatureValue: string; } } ; messageId: string }>

post

▸ post(url, data): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | string | | data | any |

Returns

Promise<any>

Inherited from

BaseClient.post

put

▸ put(url, data): Promise<any>

Parameters

| Name | Type | | :------ | :------ | | url | `stri

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

IOTA Integration Services Javascript Client

Table of contents

Prerequisites

Examples

Create a Admin Identity

Create an Identity and a Credential

Update Users

Delete Users

Adding Trusted Authorities

Create a Channel

Authorize to Channel

Search Channels and Verify Data

API Documentation

Enumeration: AccessRights

Table of contents

Enumeration Members

Enumeration Members

Audit

Defined in

Read

Defined in

ReadAndWrite

Defined in

Write

Defined in

Enumeration: ApiVersion

Table of contents

Enumeration Members

Enumeration Members

v0_1

Defined in

v0_2

Defined in

Enumeration: CredentialTypes

Table of contents

Enumeration Members

Enumeration Members

BasicIdentityCredential

Defined in

VerifiedIdentityCredential

Defined in

Enumeration: UserType

Table of contents

Enumeration Members

Enumeration Members

Device

Defined in

Organization

Defined in

Person

Defined in

Product

Defined in

Service

Defined in

Unknown

Defined in

Class: ChannelClient

Hierarchy

Table of contents

Constructors

Properties

Methods

Constructors

constructor

Parameters

Overrides

Properties

apiKey

Inherited from

Defined in

apiVersionAuditTrail

Inherited from

Defined in