IAM

Manage Projects and Access Policies with IAM Service.

Supported Languages

Package: @affinidi-tdk/iam-client

npm install @affinidi-tdk/iam-client --save

You can check the latest version of this module on the NPM repository or view the source code at the GitHub repository.

Classes and Methods

Projects API

Use the Projects API to manage your projects including providing access to other users on your projects.

addPrincipalToProject

Add principal to the project to get access.

Parameters

addUserToProjectInput [Object]

JSON object to provide the principal ID and principal type to add to the project. See more here.

{
  "principalId": "<PRINCIPAL_ID>",
  "principalType": "<PRINCIPAL_TYPE>"
}

Example


import { ProjectsApi, Configuration, AddUserToProjectInput } from '@affinidi-tdk/iam-client'


// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new ProjectsApi(authConfiguration)

const request: AddUserToProjectInput = {
    principalId: "PAT_ID",
    principalType: "token"
}

const { data } = await api.addPrincipalToProject(request)

createProject

Create a project for your account.

Parameters

CreateProjectInput [Object]

JSON object to provide the project name and description. See more here.

{
    "name": "<PROJECT_NAME>",
    "description": "<PROJECT_DESCRIPTION>"
}

Example


import { ProjectsApi, Configuration, CreateProjectInput } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new ProjectsApi(authConfiguration)

const request: CreateProjectInput = {
    name: "project_name",
    description: "project_description"
}

const { data } = await api.createProject(request)

deletePrincipalFromProject

Delete principal (user or PAT) from the project to remove access.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

Example


import { ProjectsApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new ProjectsApi(authConfiguration)

const principalId = "PAT_ID"
const principalType = "token"

const result = await api.deletePrincipalFromProject(principalId, principalType)

listPrincipalsOfProject

Get the list of principals assigned to the project.

Parameters

No Parameters Required

Example


import { ProjectsApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new ProjectsApi(authConfiguration)

const { data } = await api.listPrincipalsOfProject()

listProject

Get the list of projects.

Parameters

No Parameters Required

Example


import { ProjectsApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new ProjectsApi(authConfiguration)

const { data } = await api.listProject()

updateProject

Update the project details.

Parameters

projectId [String]

ID of the project to update.

UpdateProjectInput [Object]

JSON object to provide the project name and description. See more here.

{
    "name": "<PROJECT_NAME",
    "description": "<PROJECT_DESCRIPTION>"
}

Example


import { ProjectsApi, Configuration, UpdateProjectInput } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new ProjectsApi(authConfiguration)

const projectId = "project_id"

const request: UpdateProjectInput = {
    name: "project_name",
    description: "project_description"
}

const { data } = await api.updateProject(projectId, request)

Policies API

Use the Policies API to manage access to your projects and related resources for other users.

getPolicies

Retrieves the policy attached to a principal.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

Example


import { PoliciesApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new PoliciesApi(authConfiguration)

const principalId = "PAT_ID"
const principalType = "token"

const result = await api.getPolicies(principalId, principalType)

updatePolicies

Update the Policy for the principal.

Parameters

principalId [String]

ID of the User or Personal Access Token (PAT).

principalType [String]

Type of the Principal, user for User or token for Personal Access Token.

policyDto [Object]

JSON object of Policy rules. See more here.

{
  "version": "2022-12-15",
  "statement": [
    {
      "principal": [
        "<PRINCIPAL_ID>"
      ],
      "action": [
        ""
      ],
      "resource": [
        ""
      ],
      "effect": "Allow"
    }
  ]
}

Example


import { PoliciesApi, Configuration, PolicyDto } from '@affinidi-tdk/iam-client'


// Pass the projectScopedToken generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: authProvider.fetchProjectScopedToken.bind(authProvider)
})

const api = new PoliciesApi(authConfiguration)

const principalId = "PAT_ID"
const principalType = "token"

const policyInfo : PolicyDto = {
  "version": "2022-12-15",
  "statement": [
    {
      "principal": [
        "<PRINCIPAL_ID>"
      ],
      "action": [
        ""
      ],
      "resource": [
        ""
      ],
      "effect": "Allow"
    }
  ]
}

const result = await api.updatePolicies(principalId, principalType, policyInfo)

Secure Token Exchange (STS) API

Use the STS (Secure Token Exchange) API to create a Project Scoped Token and get the current session information.

createProjectScopedToken

Create a Project Scoped Token to access resources in the project.

Parameters

CreateProjectScopedTokenInput [Object]

JSON Object to provide the Project ID to generate the token. See more here.

{
    "projectId": "<PROJECT_ID>"
}

Example


import { StsApi, Configuration, CreateProjectScopedTokenInput } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new StsApi(authConfiguration)

const request: CreateProjectScopedTokenInput = {
    projectId: "project_id"
}

const { data } = await api.createProjectScopedToken(request)

whoami

Retrieve the principal information of the current user.

Paramaters

No Parameters Required

Example


import { StsApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new StsApi(authConfiguration)

const { data } = await api.whoami()

Tokens API

Use the Tokens API to create a Personal Access Token (PAT) to call Affinidi services on your behalf. Alternatively, use the Token command from Affinidi CLI.

createToken

Create a Personal Access Token.

Parameters

CreateTokenInput [Object]

JSON object to provide the details of the PAT like name and the public key info. See more here.

Example


import { TokensApi, Configuration, CreateTokenInput } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const jwks = {
    keys: [
        {
        kid: "kid",
        alg: algorithm,
        use: "sig",
        kty: jwk.kty,
        n: jwk.n,
        e: jwk.e,
        },
    ],
}

const request: CreateTokenInput = {
      name: "token_name",
      authenticationMethod: {
        type: "PRIVATE_KEY",
        signingAlgorithm: algorithm,
        publicKeyInfo: {
          jwks,
        },
      },
    }

const { data } = await api.createToken(request)

deleteToken

Delete a Personal Access Token.

Parameters

tokenId [String]

ID of the Personal Access Token to delete.

Example


import { TokensApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const tokenId = "token_id"

const result = await api.deleteToken(tokenId)

getToken

Retrieve the Personal Access Token details.

Parameters

tokenId [String]

ID of the Personal Access Token to retrieve.

Example


import { TokensApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const tokenId = "token_id"

const { data } = await api.getToken(tokenId)

listToken

Get the list of Personal Access Token.

Parameters

No Parameters Required

Example


import { TokensApi, Configuration } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const { data } = await api.listToken()

updateToken

Update an existing Personal Access Token.

Parameters

tokenId [String]

ID of the Personal Access Token to update.

UpdateTokenInput [Object]

JSON object to provide the details to update the Personal Access Token. See more here.

Example


import { TokensApi, Configuration, UpdateTokenInput } from '@affinidi-tdk/iam-client'


// Pass the User Token Auth generated from AuthProvider package
const authConfiguration = new Configuration({
  apiKey: "<USER_TOKEN_AUTH>"
})

const api = new TokensApi(authConfiguration)

const tokenId = "token_id" 
const jwks = {
    keys: [
        {
        kid: "kid",
        alg: algorithm,
        use: "sig",
        kty: jwk.kty,
        n: jwk.n,
        e: jwk.e,
        },
    ],
}

const request: UpdateTokenInput = {
      name: "token_name",
      authenticationMethod: {
        type: "PRIVATE_KEY",
        signingAlgorithm: algorithm,
        publicKeyInfo: {
          jwks,
        },
      },
    }

const { data } = await api.updateToken(tokenId, request)

Was this page helpful?

Glad to hear it! Please tell us how we can improve more.

Sorry to hear that. Please tell us how we can improve.

Thank you for sharing your feedback so we can improve your experience.