Affinidi TDK

A modern interface to easily manage and integrate your applications into the Affinidi Trust Network.

The Affinidi Trust Development Kit (TDK) provides clients that represent each available Affinidi service, such as Login Configurations and Credential Issuance. These clients expose service endpoints as methods that enable developers to easily call these services from their applications.

Affinidi TDK empowers developers to streamline the integration of Affinidi services into their applications with comprehensive libraries and tools, boosting their productivity.

Benefits of the Affinidi TDK

Faster time to market: Affinidi TDK saves you time and effort by bootstrapping API integrations through pre-built modules, allowing you to focus on what matters most - building innovative applications.

Seamless Integration: Easily manage and integrate Affinidi services like Credential Verification, Credential Issuance, and Login Configuration, among others, efficiently into your application. It minimises complexity and dependencies for seamless entry into the Affinidi Trust Network (ATN).

Flexibility & choice: Start building in minutes with your preferred language. Affinidi TDK offers flexibility and customisation to fit your specific needs.

Supported Languages

Affinidi TDK supports the integration with the following programming languages.

  • TypeScript
  • Python
  • PHP

Working with the Affinidi TDK

Work with the Affinidi TDK by preparing your development environment and creating your first integration with the Affinidi Trust Network.

Prepare your Local Environment

Install NodeJS on your machine. We recommend installing the Long Term Support (LTS) version.

Install Python 3.7 or later including pip and virtualenv on your machine.

Install PHP 7.4 or later including composer on your machine.

Create a Project

To create a project, simply login to  Affinidi Portal using your Affinidi Vault account. On your first login, the Affinidi Portal will create a default project that you can use to create a Personal Access Token (PAT) and generate a Authorisation Token to call the Affinidi services.

Authorisation Token

To access and call the methods from the clients, an access token called Project Scoped Token must be generated using the AuthProvider package. This token allows developers to access and manage resources within the specific project.

The Project Scoped Token is generated per project and using this token, the application can perform actions to the related resources like Login Configurations, Credential Issuance, etc.

Create a Personal Access Token (PAT)

Generate a Personal Access Token using the Affinidi CLI. The command below creates a PAT with an auto-generated private/public key pair and access policy. Explore the Token CLI command to learn more.

affinidi token create-token -n IotaToken --auto-generate-key --passphrase "MySecretPassphrase" --with-permissions

The command will display details such as the privateKey, tokenId, projectId, and the passphrase if provided to instantiate the AuthProvider package.

Generate a Project Scoped Token
import { AuthProvider } from '@affinidi-tdk/auth-provider'

const authProvider = new AuthProvider({
    privateKey: '<PAT_PRIVATE_KEY_STRING>',
    passphrase: '<PAT_KEY_PAIR_PASSPHRASE>',
    tokenId: '<PAT_ID>',
    projectId: '<PROJECT_ID>'
})

const projectScopedToken = await authProvider.fetchProjectScopedToken()
import affinidi_tdk_auth_provider

stats = {
  'privateKey': '<PAT_PRIVATE_KEY_STRING>',
  'passphrase': '<PAT_KEY_PAIR_PASSPHRASE>',
  'tokenId': '<PAT_ID>',
  'projectId': '<PROJECT_ID>'
}

authProvider = affinidi_tdk_auth_provider.AuthProvider(stats)

projectScopedToken = authProvider.fetch_project_scoped_token()
require_once 'vendor/autoload.php';

use AffinidiTdk\AuthProvider\AuthProvider;

$params = [
  'privateKey' => '<PAT_PRIVATE_KEY_STRING>',
  'passphrase' => '<PAT_KEY_PAIR_PASSPHRASE>',
  'tokenId' => '<PAT_ID>',
  'projectId' => '<PROJECT_ID>'
];

$authProvider = new AuthProvider($params);

// this is optional, another option to fetch the ProjectScopedToken is through callback
$projectScopedToken = $authProvider->fetchProjectScopedToken();

// $tokenCallback = [$authProvider, 'fetchProjectScopedToken'];

Calling Client Methods

To call the Client methods available in the TDK, import the client and the auth provider into the project.

  1. Install the required libraries (in our example, we will use Login Configuration client.
npm install -S @affinidi-tdk/auth-provider @affinidi-tdk/login-configuration-client
pip install affinidi_tdk_auth_provider affinidi_tdk_login_configuration_client
composer require affinidi-tdk/affinidi-tdk-php
  1. Import the libraries into the code. We are importing the Login Configuration client to create a Login Configuration and the Auth Provider to generate the Project Scoped Token for the Authorisation header.
import { AuthProvider } from '@affinidi-tdk/auth-provider'
import { ConfigurationApi, Configuration as AuthConfiguration, CreateLoginConfigurationInput } from '@affinidi-tdk/login-configuration-client'
import affinidi_tdk_auth_provider
import affinidi_tdk_login_configuration_client
require_once 'vendor/autoload.php';

use AffinidiTdk\AuthProvider\AuthProvider;
use AffinidiTdk\Clients\LoginConfigurationClient;
  1. Generate an Authorisation token to call the client using the Personal Access Token for the specific project.

Use the Affinidi CLI Token command to generate the Personal Access Token (PAT) for the Auth Provider.

If you have created the Personal Access Token (PAT) with the --key-id flag in Affinidi CLI, you must also set the keyId with the supplied value in the AuthProvider class.

// NOTE: set your variables for PAT
const privateKey = "<PAT_PRIVATE_KEY_STRING>"
const passphrase = "<PAT_KEY_PAIR_PASSPHRASE>"
const tokenId = "<PAT_ID>"
const projectId = "<PROJECT_ID>"

const authProvider = new AuthProvider({
    privateKey,
    passphrase,
    tokenId,
    projectId
})

const authConfiguration = new AuthConfiguration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})
stats = {
  "privateKey": "<PRIVATE_KEY_STRING>",
  "passphrase": "<KEY_PAIR_PASSPHRASE>",
  "tokenId": "<PAT_ID>",
  "projectId": "<PROJECT_ID>"
}

authProvider = affinidi_tdk_auth_provider.AuthProvider(stats)

projectScopedToken = authProvider.fetch_project_scoped_token()
$params = [
  'privateKey' => '<PAT_PRIVATE_KEY_STRING>',
  'passphrase' => '<PAT_KEY_PAIR_PASSPHRASE>',
  'tokenId' => '<PAT_ID>',
  'projectId' => '<PROJECT_ID>'
];

$authProvider = new AuthProvider($params);
  1. Initiate the Login Configuration module with the authorisation header and call the client method.
async function createLoginConfig() {
  const api = new ConfigurationApi(authConfiguration)

  const request: CreateLoginConfigurationInput = {
      name: 'Sample App',
      redirectUris: ['http://localhost:3000/auth/callback']
  }

  const { data } = await api.createLoginConfigurations(request)

  return data
}

createLoginConfig()
  .then((data) => console.log(data))
  .catch((error) => console.log(error))
# Defining the host is optional and defaults to http://localhost
# See configuration.py for a list of all supported configuration parameters.
configuration = affinidi_tdk_login_configuration_client.Configuration()

# Pass the projectScopedToken generated from AuthProvider package
configuration.api_key['ProjectTokenAuth'] = projectScopedToken

with affinidi_tdk_login_configuration_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_login_configuration_client.ConfigurationApi(api_client)

    request_json = {
        name: "Sample App",
        redirectUris: ["http://localhost:3000/auth/callback"]
    }

    create_login_configuration_input = affinidi_tdk_login_configuration_client.CreateLoginConfigurationInput.from_dict(request_json)

    api_response = api_instance.create_login_configurations(create_login_configuration_input=create_login_configuration_input)
$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];

// Configure API key authorization: ProjectTokenAuth
$config = LoginConfigurationClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);

$apiInstance = new LoginConfigurationClient\Api\ConfigurationApi(
    new GuzzleHttp\Client(),
    $config
);

try {
    $result = $apiInstance->createLoginConfigurations([
      "name" => "Sample App",
      "redirectUris" => array(
        "http://localhost:3000/auth/callback"
      )
    ]);

    print_r($result);
} catch (Exception $e) {
    echo 'Exception when calling ConfigurationApi->createLoginConfigurations: ', $e->getMessage(), PHP_EOL;
}

In the above example, we called Create Login Configuration method and extracted the data that contains the response from the endpoint.

Affinidi TDK Project

The Affinidi Trust Development Kit (TDK) is an open-sourced project on GitHub. Explore the GitHub repo to learn more on how you can contribute to the project, provide your feedback, or to report an issue.

Changelog

To view the latest changes to the Affinidi TDK, visit the Affinidi TDK Changelog page.

TDK Modules

The Affinidi TDK provides different types of modules:


TDK Clients

Provide methods to access Affinidi services like IAM, Verifier, Wallets, and Login Configuation, among others.

TDK Libraries

Provide high-level abstractions that combine logic and data to perform necessary business logic functionalities.

TDK Packages

Commonly used utilities/helpers that are self-contained and composable.