Arianee Access Token
The Arianee Access Token library allows to to create and manage Arianee Access Token.
Before you begin
What is the Arianee Access Token?
An Arianee Access Token is an Ethereum Web Token or JSON Web Token using the Ethereum algorithm signature. It is very similar to an Arianee Proof, but it does not require a blockchain transaction, it is made off-chain.
The Arianee Access Token allows to prove that a user owns a wallet without sharing its private key.
header.playload.signature
eyJ0eXAiOiJKV1QiLCJhbGciOiJFVEgifQ==.eyJpc3MiOiIweDQ5NjdmOTZBOTUyMDk2Q2IxODAyRDM3NWNCNzAzMTRmODcyOUE5NzciLCJzY29wZSI6ImFsbCIsImV4cCI6MTU5NTkxMzMyNDk1OSwiaWF0IjoxNTk1OTEzMDI0OTYwLCJjaGFpbiI6InRlc3RuZXQiLCJzdWIiOiJjZXJ0aWZpY2F0ZSIsInN1YklkIjozNzAzNDU0fQ==.0x1a13a3f9f47b31212bfca68b67e17053c9a95d68d356bb540c7f7af77682699316a34fdb44c07a744e8584a41a5beea5b86ba92d97a4ab03ec5598f50a3f81f21c
HEADER
{
"typ": "JWT",
"alg": "ETH"
}
BODY
{
"iss": "0x4967f96A952096Cb1802D375cB70314f8729A977",
"scope": "all",
"exp": 1595913324959,
"iat": 1595913024960,
"chain": "testnet",
"sub": "certificate",
"subId": 3703454
}
The Arianee Access Token is valid if:
iss
(issuer) signed it.- It is used before
exp
(expiration).
What for?
Arianee Access Token is similar to a JSON Web Token but signed by a wallet. They are widely used as a secure way of transmitting information between stakeholders in a web application environment. Find below some other advantages:
- Off-chain: it does not require any blockchain transaction: so it is free to sign a JSON Web Token (no transaction cost) and it is instant.
- Compact & efficient: lightweight and can be sent via HTTP headers, which makes them efficient for use in API authentication and authorization.
- Stateless: does not require a database lookup to validate their authenticity. All the information required to validate the token is contained within the token itself, making it easy to use in a stateless architecture.
- Cross-domain compatibility: can be easily passed between different domains, which is useful in a micro-services architecture where different services are running in different domains.
- Secure: signed using a secret or a public/private key pair, which makes them tamper-proof.
- Flexible: can carry a large amount of information in a compact format, making them flexible and useful for many use cases, including user authentication and authorization, as well as session management.
Let's start ๐
Instantiate the class with a core instance and a wallet address.
const core = core.fromPrivateKey('0x...');
const arianeeAccessToken = new ArianeeAccessToken(core);
Methods List
Generate an Arianee Access Token - Wallet scope
createWalletAccessToken()
promise
returns a string
as the Arianee Access Token.
Generate an Arianee Access Token - NFT scope
Method
createCertificateArianeeAccessToken(certificateId: number, network: string)
Parameter | Type | Mandatory | Description |
---|---|---|---|
certificateId | Number | โ | Identification number of the NFT. |
network | String | โ | Network of the protocol. Blockchain or custom network, e.g. brandname . |
Result: promise
returns a string
as the Arianee Access Token.
Generate an Arianee Access Token link
Method
createActionArianeeAccessTokenLink(url: string, certificateId: number, network: string)
Parameter | Type | Mandatory | Description |
---|---|---|---|
certificateId | Number | โ | Identification number of the NFT. |
network | String | โ | Network of the protocol. Blockchain or custom network, e.g. brandname . |
Result: promise
returns a string
as the URL of the Arianee Access Token attached to it.
Check if an Arianee Access Token is valid
Method
static isArianeeAccessTokenValid(arianeeAccessToken: string)
Parameter | Type | Mandatory | Description |
---|---|---|---|
arianeeAccessToken | String | โ | Arianee Access Token to verify. |
Result: promise
returns boolean
.
Decode an Arianee Access Token
Method
static decodeJwt(arianeeAccessToken: string)
Parameter | Type | Mandatory | Description |
---|---|---|---|
arianeeAccessToken | String | โ | Arianee Access Token to verify. |
Result: promise
returns an object
with Arianee Access Token components:
header
playload
signature
Updated about 1 year ago