IAM
Install Dependency
Package: affinidi-tdk/affinidi-tdk-php
composer require affinidi-tdk/affinidi-tdk-phpYou can check the latest version of this module on the Packagist repository or view the source code at the GitHub repository.
Classes and Methods
Projects API
Use the Projects API to manage your projects including providing access to other users on your projects.
addPrincipalToProject
Add principal to the project to get access.
Parameters
addUserToProjectInput [Object]
JSON object to provide the principal ID and principal type to add to the project. See more here.
{
"principalId": "<PRINCIPAL_ID>",
"principalType": "<PRINCIPAL_TYPE>"
}Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\ProjectsApi(
new GuzzleHttp\Client(),
$config
);
try {
$request = array(
"principalId" => "PAT_ID",
"principalType" => "token"
);
$result = $apiInstance->addPrincipalToProject($request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}createProject
Create a project for your account.
Parameters
CreateProjectInput [Object]
JSON object to provide the project name and description. See more here.
{
"name": "<PROJECT_NAME>",
"description": "<PROJECT_DESCRIPTION>"
}Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\ProjectsApi(
new GuzzleHttp\Client(),
$config
);
try {
$request = array(
"name" => "project_name",
"description" => "project_description"
);
$result = $apiInstance->createProject($request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}deletePrincipalFromProject
Delete principal (user or PAT) from the project to remove access.
Parameters
principalId [String]
ID of the User or Personal Access Token (PAT).
principalType [String]
Type of the Principal, user for User or token for Personal Access Token.
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\ProjectsApi(
new GuzzleHttp\Client(),
$config
);
try {
$principalId = "PAT_ID";
$principalType = "token";
$result = $apiInstance->deletePrincipalFromProject($principalId, $principalType);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}listPrincipalsOfProject
Get the list of principals assigned to the project.
Parameters
No Parameters Required
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\ProjectsApi(
new GuzzleHttp\Client(),
$config
);
try {
$result = $apiInstance->listPrincipalsOfProject();
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}listProject
Get the list of projects.
Parameters
No Parameters Required
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\ProjectsApi(
new GuzzleHttp\Client(),
$config
);
try {
$result = $apiInstance->listProject();
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}updateProject
Update the project details.
Parameters
projectId [String]
ID of the project to update.
UpdateProjectInput [Object]
JSON object to provide the project name and description. See more here.
{
"name": "<PROJECT_NAME",
"description": "<PROJECT_DESCRIPTION>"
}Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\ProjectsApi(
new GuzzleHttp\Client(),
$config
);
try {
$projectId = "<Project_ID>";
$request = array(
"name" => "project_name",
"description" => "project_description"
);
$result = $apiInstance->createProject($projectId, $request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}Policies API
Use the Policies API to manage access to your projects and related resources for other users.
getPolicies
Retrieves the policy attached to a principal.
Parameters
principalId [String]
ID of the User or Personal Access Token (PAT).
principalType [String]
Type of the Principal, user for User or token for Personal Access Token.
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\PoliciesApi(
new GuzzleHttp\Client(),
$config
);
try {
$principalId = "PAT_ID";
$principalType = "token";
$result = $apiInstance->getPolicies($principalId, $principalType);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}updatePolicies
Update the Policy for the principal.
Parameters
principalId [String]
ID of the User or Personal Access Token (PAT).
principalType [String]
Type of the Principal, user for User or token for Personal Access Token.
policyDto [Object]
JSON object of Policy rules. See more here.
{
"version": "2022-12-15",
"statement": [
{
"principal": [
"<PRINCIPAL_ID>"
],
"action": [
""
],
"resource": [
""
],
"effect": "Allow"
}
]
}Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\PoliciesApi(
new GuzzleHttp\Client(),
$config
);
try {
$principalId = "PAT_ID";
$principalType = "token";
$request = array(
"version" => "2022-12-15",
"statement" => array(
array(
"principal" => array(
"<PRINCIPAL_ID>"
),
"action" => array(
),
"resource" => array(
),
"effect" => "Allow"
)
)
);
$result = $apiInstance->updatePolicies($principalId, $principalType, $request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}Secure Token Exchange (STS) API
Use the STS (Secure Token Exchange) API to create a Project Scoped Token and get the current session information.
createProjectScopedToken
Create a Project Scoped Token to access resources in the project.
Parameters
CreateProjectScopedTokenInput [Object]
JSON Object to provide the Project ID to generate the token. See more here.
{
"projectId": "<PROJECT_ID>"
}Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\StsApi(
new GuzzleHttp\Client(),
$config
);
try {
$request = array(
"projectId" => "<PROJECT_ID>"
);
$result = $apiInstance->createProjectScopedToken($request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}whoami
Retrieve the principal information of the current user.
Paramaters
No Parameters Required
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;
``````PHP
$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\StsApi(
new GuzzleHttp\Client(),
$config
);
try {
$result = $apiInstance->whoami();
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}Tokens API
Use the Tokens API to create a Personal Access Token (PAT) to call Affinidi services on your behalf. Alternatively, use the Token command from Affinidi CLI.
createToken
Create a Personal Access Token.
Parameters
CreateTokenInput [Object]
JSON object to provide the details of the PAT like name and the public key info. See more here.
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\TokensApi(
new GuzzleHttp\Client(),
$config
);
try {
$jwks = array(
"keys" => array(
array(
"kty" => jwks.kty,
"n" => jwks.n,
"e" => jwks.e,
"alg" => "algorithm",
"kid" => "kid",
"use" => "sig"
)
),
);
$request = array(
"name" => "token_name",
"authenticationMethod" => array(
"type" => "PRIVATE_KEY",
"signingAlgorithm" => "algorithm",
"publicKeyInfo" => array(
"jwks" => $jwks
)
),
);
$result = $apiInstance->createToken($request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}deleteToken
Delete a Personal Access Token.
Parameters
tokenId [String]
ID of the Personal Access Token to delete.
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\TokensApi(
new GuzzleHttp\Client(),
$config
);
try {
$tokenId = "<TOKEN_ID>";
$result = $apiInstance->deleteToken($tokenId);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}getToken
Retrieve the Personal Access Token details.
Parameters
tokenId [String]
ID of the Personal Access Token to retrieve.
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\TokensApi(
new GuzzleHttp\Client(),
$config
);
try {
$tokenId = "<TOKEN_ID>"
$result = $apiInstance->getToken($tokenId);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}listToken
Get the list of Personal Access Token.
Parameters
No Parameters Required
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\TokensApi(
new GuzzleHttp\Client(),
$config
);
try {
$result = $apiInstance->listToken();
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}updateToken
Update an existing Personal Access Token.
Parameters
tokenId [String]
ID of the Personal Access Token to update.
UpdateTokenInput [Object]
JSON object to provide the details to update the Personal Access Token. See more here.
Example
require_once 'vendor/autoload.php';
use AffinidiTdk\Clients\IamClient;$tokenCallback = [$authProvider, 'fetchProjectScopedToken'];
// Configure API key authorization: ProjectTokenAuth
$config = IamClient\Configuration::getDefaultConfiguration()->setApiKey('authorization', '', $tokenCallback);
$apiInstance = new IamClient\Api\TokensApi(
new GuzzleHttp\Client(),
$config
);
try {
$tokenId = "<TOKEN_ID>";
$jwks = array(
"keys" => array(
array(
"kty" => jwks.kty,
"n" => jwks.n,
"e" => jwks.e,
"alg" => "algorithm",
"kid" => "kid",
"use" => "sig"
)
),
);
$request = array(
"name" => "token_name",
"authenticationMethod" => array(
"type" => "PRIVATE_KEY",
"signingAlgorithm" => "algorithm",
"publicKeyInfo" => array(
"jwks" => $jwks
)
),
);
$result = $apiInstance->updateToken($tokenId, $request);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling method: ', $e->getMessage(), PHP_EOL;
}Glad to hear it! Please tell us how we can improve more.
Sorry to hear that. Please tell us how we can improve.
Thank you for sharing your feedback so we can improve your experience.