indykite-sdk-python 1.23.0

A python SDK package for Indykite's system (with protobuf)

IndyKite Python SDK 🐍

This project serves as a Software Development Kit for developers of Indykite applications. The Python SDK enables you to easily integrate the IndyKite platform gRPC APIs into your Python application. https://console.indykite.id/ https://www.indykite.com/

Requirements

• Python 3.11

Installation

pip install indykite-sdk-python

Used terminology

Definition	Description
Digital Twin	A digital twin is the digital identity of a physical entity on/in a software/identity system
Application Space ID	ID of the application space the digital twin belongs to
Application Agent ID	ID of the agent which makes the application available for the different calls
Tenant ID	ID of the tenant the digital twin belongs to. The tenant belongs to an application space
Private Key and Settings	The secret which required to reach the system. Indykite provides the necessary secrets
Property	The digital twin's property (eg.: email, name)
JWT	JSON Web Tokens
Introspect	A process used to validate the token and to retrieve properties assigned to the token
Patch property	Add, change or delete a property of a digital twin

Initial settings

1. You need to have an AppAgent credentials json file to be able to use the IndyKite Python SDK. You can get it from the Indykite console: https://console.indykite.id/.

   Example configuration file:

{
    "baseUrl": "",
    "defaultTenantId": "",
    "applicationId": "",
    "appSpaceId": "",
    "appAgentId": "",
    "endpoint": "",
    "privateKeyJWK":
    {
        "alg": "ES256",
        "crv": "P-256",
        "d": "",
        "kid": "",
        "kty": "EC",
        "use": "sig",
        "x": "",
        "y": ""
    },
    "privateKeyPKCS8Base64": "",
    "privateKeyPKCS8": ""
}

Conditionally optional parameters:

• baseUrl
• defaultTenantId
• endpoint

2. Credentials

   Identity

   You have two choices to set up the necessary credentials. You either pass the json to the INDYKITE_APPLICATION_CREDENTIALS environment variable or set the INDYKITE_APPLICATION_CREDENTIALS_FILE environment variable to the configuration file's path.

   • on Linux and OSX

      export INDYKITE_APPLICATION_CREDENTIALS='{
        "baseUrl": "",
        "defaultTenantId": "",
        "applicationId": "",
        "appSpaceId": "",
        "appAgentId": "",
        "endpoint": "",
        "privateKeyJWK":
        {
            "alg": "ES256",
            "crv": "P-256",
            "d": "",
            "kid": "",
            "kty": "EC",
            "use": "sig",
            "x": "",
            "y": ""
        },
        "privateKeyPKCS8Base64":"",
        "privateKeyPKCS8": ""
     }'
     

     or

     export INDYKITE_APPLICATION_CREDENTIALS_FILE=/Users/xx/configuration.json

   • on Windows command line

      setex INDYKITE_APPLICATION_CREDENTIALS='{
          "baseUrl": "",
          "defaultTenantId": "",
          "applicationId": "",
          "appSpaceId": "",
          "appAgentId": "",
          "endpoint": "",
          "privateKeyJWK":
          {
              "alg": "ES256",
              "crv": "P-256",
              "d": "",
              "kid": "",
              "kty": "EC",
              "use": "sig",
              "x": "",
              "y": ""
          },
          "privateKeyPKCS8Base64":"",
          "privateKeyPKCS8": ""
      }'
     

     or

     setex INDYKITE_APPLICATION_CREDENTIALS_FILE "C:\Users\xx\Documents\configuration.json"

Config

To manage its spaces, among other things, the DigitalTwin (DT) who owns the relevant customer creates a service account.

A service account is a non person entity which belongs to the DT who created it. It is a DT with its own credential which acts only through its owner.

A service account is always created under a customer.

The purpose of a service account is for a non person entity to manage the platform configuration: creating AppSpaces, creating applications, creating agent credentials, creating other service accounts, modify user permissions or any action through the Graph DB. The service account is also needed if you want to use Terraform for your configuration.

You have two choices to set up the necessary credentials. You either pass the json to the INDYKITE_SERVICE_ACCOUNT_CREDENTIALS environment variable or set the INDYKITE_SERVICE_ACCOUNT_CREDENTIALS_FILE environment variable to the configuration file's path.

• on Linux and OSX

   export INDYKITE_SERVICE_ACCOUNT_CREDENTIALS='{
    "serviceAccountId":"",
    "endpoint":"",
    "privateKeyJWK":{
      "alg":"ES256",
      "crv":"P-256",
      "d":"",
      "kid":"",
      "kty":"EC",
      "use":"sig",
      "x":"",
      "y":""
      },
    "privateKeyPKCS8Base64":"",
    "privateKeyPKCS8":"-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----\n"
    }'
  

  or

  export INDYKITE_SERVICE_ACCOUNT_CREDENTIALS_FILE=/Users/xx/configuration.json

• on Windows command line

   setex INDYKITE_SERVICE_ACCOUNT_CREDENTIALS='{
    "serviceAccountId":"",
    "endpoint":"",
    "privateKeyJWK":{
      "alg":"ES256",
      "crv":"P-256",
      "d":"",
      "kid":"",
      "kty":"EC",
      "use":"sig",
      "x":"",
      "y":""
      },
    "privateKeyPKCS8Base64":"",
    "privateKeyPKCS8":"-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----\n"
    }'
  

  or

  setex INDYKITE_SERVICE_ACCOUNT_CREDENTIALS_FILE "C:\Users\xx\Documents\configuration.json"

3. Initialize a client to establish the connection. This client instance's self.stub will be used by the other functions.

Note: The client is opening a GRPC channel and the client must close the channel, too! If the client doesn't close the channel after use, it can cause surprises like _InactiveRpcErrors.

from indykite_sdk.identity import IdentityClient
import argparse

    # Create parent parser
    parser = argparse.ArgumentParser(description="Identity client API.")
    parser.add_argument("-l", "--local", action="store_true", help="make the request to localhost")
    subparsers = parser.add_subparsers(dest="command", help="sub-command help")
    
    # Create 
    args = parser.parse_args()
    local = args.local
    client = IdentityClient(local)

4. Close a GRPC channel You simple call the close() function on the channel (The IdentityClient() function below represents the def in the previous step)

from indykite_sdk.identity import IdentityClient

def open_and_close_channel():
    client = IdentityClient()
    client.channel.close()

Running tests

To run unit tests, simply execute

pytest

To display code coverage, enter

pytest --cov .

Functions details

https://indykite.github.io/indykite-sdk-python/

Examples

https://github.com/indykite/indykite-sdk-python/tree/master/indykite_sdk

SDK Development

Commit message follows commit guidelines

Roadmap

Checkout our roadmap on our issues page

Contributing

Contribution guidelines for this project

Support, Feedback, Connect with other developers

Feel free to file a bug, submit an issue or give us feedback on our issues page

Vulnerability Reporting

Responsible Disclosure

Changelog

Changelog

Contributers / Acknowledgements

Coming Soon!

What is IndyKite

IndyKite is a cloud identity platform built to secure and manage human & non-person (IoT) identities and their data. Based on open source standards, the cloud platform gives developers the ability to secure data and embed identity controls into their Web 3.0 applications. Empowering the world’s 23 million developers without the need to involve security and identity specialists.

License

This project is licensed under the terms of the Apache 2.0 license.

Changelog

1.23.0 (2023-06-19)

Features

• add info in ingest (f2e2a0c)
• add readid and kg schema config nodes (cb47dbf)
• change spaces example (4c47fc8)
• change spaces example (058f251)
• update spaces (b66ed2c)

Bug Fixes

• repair release files (7bcb8f2)

Miscellaneous Chores

• master: release 1.23.0 (a436146)

1.22.0 (2023-06-06)

Features

• delete dt by property (fc76ec9)
• get DT by property (49c4a7b)

Bug Fixes

• update buf generated files (4fd5d32)

1.21.0 (2023-05-30)

Features

• add backend example for spaces (18fd667)
• add ingestv2 methods tests and examples (907cb80)
• change options and add tags (8b42995)
• remove examples from pipeline (0c7c6d8)
• remove ingestv1 (a32d9b9)

Bug Fixes

• fix dependencies (e7dc548)
• update failing tests (82880bc)

1.20.0 (2023-04-24)

Features

• add create app with appagent cred (c76bc37)
• add who authorized (91976f7)
• change status due to reverse value (cfb6051)
• change status due to reverse value (17779bb)

1.19.0 (2023-04-18)

Features

• add authz policy config node (890c762)

1.18.0 (2023-04-17)

Features

• add what_authorized feature (d70b293)
• consent challenge (dd8a109)
• create consent challenge verifier (299d867)

1.17.0 (2023-04-11)

Features

• add http client (d558a02)
• remove is_authorized (cc4d9ed)
• update api.py (8d5ea54)
• update is_authorized method (1c13102)
• update is_authorized method (fd18e91)

Bug Fixes

• fixed vulnerabilies from dependabot (d3208ff)
• remove js vulnerability (e6285fc)

1.16.0 (2023-03-21)

Features

• add session introspect (75bb9ea)
• change init returns (c2ce5fc)
• eng-114 register digital twin without cred (5a0295f)

1.15.0 (2023-03-14)

Features

• add invitation features (306b26a)
• add webauthn config node and cn updates (425d031)

1.14.0 (2023-02-21)

Features

• add forgotten password feature (be97ec1)
• add forgotten password feature (5420614)

1.13.0 (2023-02-16)

Features

• reinit test data (2c7ab8a)
• update documentation (f333e47)

1.12.0 (2023-02-10)

Features

• add logger in config methods (dbf1b36)
• add logger in identity and authz methods (f3039bb)
• add logger in identity and authz methods (5ba11fc)

Bug Fixes

• corrected is_authorized deserialization and tests (8091e5d)
• corrected is_authorized deserialization and tests (f273e38)

1.11.0 (2023-02-07)

Features

• add generated doc (d5581a4)
• add generated documentation (2eefbd8)
• add generated documentation (332f02a)
• add generated documentation (e736152)
• add oauth2 consent (833f7ac)
• add oauth2 consent (a83d83c)
• remove build in documentation (10850c9)

1.10.1 (2023-01-24)

Bug Fixes

• remove identifier_value from message_to_value.py (9747d84)

1.10.0 (2023-01-20)

Features

• add authorization (961701d)
• add authorization (2982050)
• add authorization (c6d6b6e)
• add authorization (2d922d7)
• add authorization with token (15544e2)

1.9.0 (2023-01-12)

Features

• add import DT and update tests (ca30bd0)
• add import DT and update tests (c1c954f)

1.8.0 (2023-01-05)

Features

• add missing init files (cf0d5dd)

1.7.0 (2023-01-05)

Features

• change python version (00ebbff)
• change python version (f4effed)

1.6.0 (2023-01-04)

Features

• change config after repo name changed (2d9f123)
• modif with repo name modification (5dbcb77)
• modif with repo name modification (8db8c97)

1.5.0 (2023-01-03)

Features

• uuid to gid and files renaming (a4ffd9e)

1.4.0 (2022-12-09)

Features

• config nodes and oauth2 (5c3147f)
• config nodes and oauth2 (0d90b42)
• update documentation (0ba7528)

1.3.0 (2022-11-11)

Features

• add config application application agent (e2c1174)
• add config credentials (4eb114a)
• add config credentials (d7317eb)
• add config methods (82b7505)
• add config methods 2798 (3648f19)
• add config methods appspaces and tenants (bdbfa3c)
• add config methods appspaces tenants (92b6c14)
• add ingest api (39576d9)
• add service account credential (9b73e92)
• add service_accounts (facf4bd)
• update documentation (9fe3b71)

Bug Fixes

• return response in stream_records() (6c4f09d)

1.2.0 (2022-05-25)

Features

• get digital twin with properties (c515e56)

1.1.0 (2022-05-04)

Features

• add enrich token method (1298a5e)

1.0.2 (2022-04-29)

Bug Fixes

• add imports from root package (9ea91f6)
• do not include tests in build files (5d06b72)

1.0.1 (2022-04-27)

Bug Fixes

• add encoding when open files (a5406ea)

Miscellaneous Chores

• add missing init.py files (c2d45b1)

1.0.0 (2022-04-26)

Miscellaneous Chores

• release 1.0.0 (23325c5)