IAM

Manage Projects and Access Policies with IAM Service.

Supported Languages

Package: @affinidi-tdk/iam-client

npm install @affinidi-tdk/iam-client --save

Package: affinidi_tdk_iam_client

pip install affinidi_tdk_iam_client

Classes and Methods

Projects API

Use the Projects API to manage your projects including providing access to other users on your projects.

addPrincipalToProject

Add principal to the project to get access.

Parameters

addUserToProjectInput [Object]

JSON object to provide the principal ID and principal type to add to the project. See more here.

{
  "principalId": "<PRINCIPAL_ID>",
  "principalType": "<PRINCIPAL_TYPE>"
}
Module Imports
import { ProjectsApi, Configuration, AddUserToProjectInput } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new ProjectsApi(authConfiguration)

const request: AddUserToProjectInput = {
    principalId: "PAT_ID",
    principalType: "token"
}

const { data } = await api.addPrincipalToProject(request)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the projectScopedToken generated from AuthProvider package
configuration.api_key['ProjectTokenAuth'] = projectScopedToken

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.ProjectsApi(api_client)

    request_json = {
      principalId: "PAT_ID",
      principalType: "token"
    }

    add_user_to_project_input = affinidi_tdk_iam_client.AddUserToProjectInput.from_dict(request_json)

    api_response = api_instance.add_user_to_project(add_user_to_project_input=add_user_to_project_input)

createProject

Create a project for your account.

Parameters

CreateProjectInput [Object]

JSON object to provide the project name and description. See more here.

{
    "name": "<PROJECT_NAME>",
    "description": "<PROJECT_DESCRIPTION>"
}
Module Imports
import { ProjectsApi, Configuration, CreateProjectInput } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new ProjectsApi(authConfiguration)

const request: CreateProjectInput = {
    name: "project_name",
    description: "project_description"
}

const { data } = await api.createProject(request)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.ProjectsApi(api_client)

    request_json = {
      name: "project_name",
      description: "project_description"
    }

    create_project_input = affinidi_tdk_iam_client.AddUserToProjectInput.from_dict(request_json)

    api_response = api_instance.create_project(create_project_input=create_project_input)

deletePrincipalFromProject

Delete principal (user or PAT) from the project to remove access.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

Module Imports
import { ProjectsApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new ProjectsApi(authConfiguration)

const principalId = "PAT_ID"
const principalType = "token"

const result = await api.deletePrincipalFromProject(principalId, principalType)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the projectScopedToken generated from AuthProvider package
configuration.api_key['ProjectTokenAuth'] = projectScopedToken

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.ProjectsApi(api_client)

    principalId = "PAT_ID"
    principalType = "token"

    api_response = api_instance.delete_principal_from_project(principalId, principalType)

listPrincipalsOfProject

Get the list of principals assigned to the project.

Parameters

No Parameters Required

Module Imports
import { ProjectsApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new ProjectsApi(authConfiguration)

const { data } = await api.listPrincipalsOfProject()
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the projectScopedToken generated from AuthProvider package
configuration.api_key['ProjectTokenAuth'] = projectScopedToken

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.ProjectsApi(api_client)

    api_response = api_instance.list_principals_of_project()

listProject

Get the list of projects.

Parameters

No Parameters Required

Module Imports
import { ProjectsApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new ProjectsApi(authConfiguration)

const { data } = await api.listProject()
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.ProjectsApi(api_client)

    api_response = api_instance.list_project()

updateProject

Update the project details.

Parameters

projectId [String]

ID of the project to update.

UpdateProjectInput [Object]

JSON object to provide the project name and description. See more here.

{
    "name": "<PROJECT_NAME",
    "description": "<PROJECT_DESCRIPTION>"
}
Module Imports
import { ProjectsApi, Configuration, UpdateProjectInput } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new ProjectsApi(authConfiguration)

const projectId = "project_id"

const request: UpdateProjectInput = {
    name: "project_name",
    description: "project_description"
}

const { data } = await api.updateProject(projectId, request)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.ProjectsApi(api_client)

    projectId = "project_id"

    request_json = {
      name: "project_name",
      description: "project_description"
    }

    update_project_input = affinidi_tdk_iam_client.UpdateProjectInput.from_dict(request_json)

    api_response = api_instance.update_project(projectId, update_project_input=update_project_input)

Policies API

Use the Policies API to manage access to your projects and related resources for other users.

getPolicies

Retrieves the policy attached to a principal.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

Module Imports
import { PoliciesApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new PoliciesApi(authConfiguration)

const principalId = "PAT_ID"
const principalType = "token"

const result = await api.getPolicies(principalId, principalType)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the projectScopedToken generated from AuthProvider package
configuration.api_key['ProjectTokenAuth'] = projectScopedToken

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.PoliciesApi(api_client)

    principalId = "PAT_ID"
    principalType = "token"

    api_response = api_instance.get_policies(principalId, principalType)

updatePolicies

Update the Policy for the principal.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

policyDto [Object]

JSON object of Policy rules. See more here.

{
  "version": "2022-12-15",
  "statement": [
    {
      "principal": [
        "<PRINCIPAL_ID>"
      ],
      "action": [
        ""
      ],
      "resource": [
        ""
      ],
      "effect": "Allow"
    }
  ]
}
Module Imports
import { PoliciesApi, Configuration, PolicyDto } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new PoliciesApi(authConfiguration)

const principalId = "PAT_ID"
const principalType = "token"

const policyInfo : PolicyDto = {
  "version": "2022-12-15",
  "statement": [
    {
      "principal": [
        "<PRINCIPAL_ID>"
      ],
      "action": [
        ""
      ],
      "resource": [
        ""
      ],
      "effect": "Allow"
    }
  ]
}

const result = await api.updatePolicies(principalId, principalType, policyInfo)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the projectScopedToken generated from AuthProvider package
configuration.api_key['ProjectTokenAuth'] = projectScopedToken

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.PoliciesApi(api_client)

    principalId = "PAT_ID"
    principalType = "token"

    policyInfo = {
      "version": "2022-12-15",
      "statement": [
        {
          "principal": [
            "<PRINCIPAL_ID>"
          ],
          "action": [
            ""
          ],
          "resource": [
            ""
          ],
          "effect": "Allow"
        }
      ]
    }

    api_response = api_instance.update_policies(principalId, principalType, policyInfo)

Secure Token Exchange (STS) API

Use the STS (Secure Token Exchange) API to create a Project Scoped Token and get the current session information.

createProjectScopedToken

Create a Project Scoped Token to access resources in the project.

Parameters

CreateProjectScopedTokenInput [Object]

JSON Object to provide the Project ID to generate the token. See more here.

{
    "projectId": "<PROJECT_ID>"
}
Module Imports
import { StsApi, Configuration, CreateProjectScopedTokenInput } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new StsApi(authConfiguration)

const request: CreateProjectScopedTokenInput = {
    projectId: "project_id"
}

const { data } = await api.createProjectScopedToken(request)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.StsApi(api_client)

    request_json = "{
      projectId: "project_id"
    }"

    project_scoped_token_input = affinidi_tdk_iam_client.CreateProjectScopedTokenInput.from_dict(request_json)

    api_response = api_instance.project_scoped_token(project_scoped_token_input=project_scoped_token_input)

whoami

Retrieve the principal information of the current user.

Paramaters

No Parameters Required

Module Imports
import { StsApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new StsApi(authConfiguration)

const { data } = await api.whoami()
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.StsApi(api_client)

    api_response = api_instance.whoami()

Tokens API

Use the Tokens API to create a Personal Access Token (PAT) to call Affinidi services on your behalf. Alternatively, use the Token command from Affinidi CLI.

createToken

Create a Personal Access Token.

Parameters

CreateTokenInput [Object]

JSON object to provide the details of the PAT like name and the public key info. See more here.

Module Imports
import { TokensApi, Configuration, CreateTokenInput } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const jwks = {
    keys: [
        {
        kid: "kid",
        alg: algorithm,
        use: "sig",
        kty: jwk.kty,
        n: jwk.n,
        e: jwk.e,
        },
    ],
}

const request: CreateTokenInput = {
      name: "token_name",
      authenticationMethod: {
        type: "PRIVATE_KEY",
        signingAlgorithm: algorithm,
        publicKeyInfo: {
          jwks,
        },
      },
    }

const { data } = await api.createToken(request)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.TokensApi(api_client)

    jwks = "{
        keys: [
            {
            kid: "kid",
            alg: algorithm,
            use: "sig",
            kty: jwk.kty,
            n: jwk.n,
            e: jwk.e,
            },
        ],
    }"

    request_json = "{
        name: "token_name",
        authenticationMethod: {
            type: "PRIVATE_KEY",
            signingAlgorithm: algorithm,
            publicKeyInfo: {
                jwks,
            },
        },
    }"

    create_token_input = affinidi_tdk_iam_client.CreateTokenInput.from_dict(request_json)

    api_response = api_instance.create_token(create_token_input=create_token_input)

deleteToken

Delete a Personal Access Token.

Parameters

tokenId [String]

ID of the Personal Access Token to delete.

Module Imports
import { TokensApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const tokenId = "token_id"

const result = await api.deleteToken(tokenId)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.TokensApi(api_client)

    token_id = "token_id" 

    api_response =  api_instance.delete_token(token_id)

getToken

Retrieve the Personal Access Token details.

Parameters

tokenId [String]

ID of the Personal Access Token to retrieve.

Module Imports
import { TokensApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const tokenId = "token_id"

const { data } = await api.getToken(tokenId)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.TokensApi(api_client)

    token_id = "token_id" 

    api_response = api_instance.get_token(token_id)

listToken

Get the list of Personal Access Token.

Parameters

No Parameters Required

Module Imports
import { TokensApi, Configuration } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const { data } = await api.listToken()
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.TokensApi(api_client)

    api_response = api_instance.list_token()

updateToken

Update an existing Personal Access Token.

Parameters

tokenId [String]

ID of the Personal Access Token to update.

UpdateTokenInput [Object]

JSON object to provide the details to update the Personal Access Token. See more here.

Module Imports
import { TokensApi, Configuration, UpdateTokenInput } from '@affinidi-tdk/iam-client'
import affinidi_tdk_iam_client
Sample Codes
// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const tokenId = "token_id" 
const jwks = {
    keys: [
        {
        kid: "kid",
        alg: algorithm,
        use: "sig",
        kty: jwk.kty,
        n: jwk.n,
        e: jwk.e,
        },
    ],
}

const request: UpdateTokenInput = {
      name: "token_name",
      authenticationMethod: {
        type: "PRIVATE_KEY",
        signingAlgorithm: algorithm,
        publicKeyInfo: {
          jwks,
        },
      },
    }

const { data } = await api.updateToken(tokenId, request)
configuration = affinidi_tdk_iam_client.Configuration()
# Pass the User Token Auth generated from AuthProvider package
configuration.api_key['UserTokenAuth'] = "<USER_TOKEN_AUTH>"

with affinidi_tdk_iam_client.ApiClient(configuration) as api_client:
    api_instance = affinidi_tdk_iam_client.TokensApi(api_client)

    token_id = "token_id"
    jwks = "{
        keys: [
            {
            kid: "kid",
            alg: algorithm,
            use: "sig",
            kty: jwk.kty,
            n: jwk.n,
            e: jwk.e,
            },
        ],
    }"

    request_json = "{
        name: "token_name",
        authenticationMethod: {
            type: "PRIVATE_KEY",
            signingAlgorithm: algorithm,
            publicKeyInfo: {
                jwks,
            },
        },
    }"

    update_token_input = affinidi_tdk_iam_client.UpdateTokenInput.from_dict(request_json)

    api_response = api_instance.update_token(token_id, update_token_input=update_token_input)