A python SDK package for Indykite's system (with protobuf)
Project description
IndyKite Python SDK 🐍
This project serves as a Software Development Kit for developers of Indykite applications. The Python SDK enables you to easily integrate the IndyKite platform gRPC APIs into your Python application. https://console.indykite.id/ https://www.indykite.com/
Requirements
- Python 3.11
Installation
pip install indykite-sdk-python
Used terminology
Definition | Description |
---|---|
Digital Twin | A digital twin is the digital identity of a physical entity on/in a software/identity system |
Application Space ID | ID of the application space the digital twin belongs to |
Application Agent ID | ID of the agent which makes the application available for the different calls |
Tenant ID | ID of the tenant the digital twin belongs to. The tenant belongs to an application space |
Private Key and Settings | The secret which required to reach the system. Indykite provides the necessary secrets |
Property | The digital twin's property (eg.: email, name) |
JWT | JSON Web Tokens |
Introspect | A process used to validate the token and to retrieve properties assigned to the token |
Patch property | Add, change or delete a property of a digital twin |
Initial settings
-
You need to have an AppAgent credentials json file to be able to use the IndyKite Python SDK. You can get it from the Indykite console: https://console.indykite.id/.
Example configuration file:
{
"baseUrl": "",
"defaultTenantId": "",
"applicationId": "",
"appSpaceId": "",
"appAgentId": "",
"endpoint": "",
"privateKeyJWK":
{
"alg": "ES256",
"crv": "P-256",
"d": "",
"kid": "",
"kty": "EC",
"use": "sig",
"x": "",
"y": ""
},
"privateKeyPKCS8Base64": "",
"privateKeyPKCS8": ""
}
A token lifetime is 1h by default. You can change this time (from 2 minutes to 24h) by adding a tokenLifetime parameter.
It will have to be human-readable and Golang-like see -> https://pkg.go.dev/time#ParseDuration
Examples: 30m, 1.5h, 2h45m
Example at the end of the json file:
{
...
"privateKeyPKCS8": "-----BEGIN PRIVATE KEY-----\nM\n-----END PRIVATE KEY-----",
"tokenLifetime": "30m"
}
Conditionally optional parameters:,
- baseUrl
- defaultTenantId
- endpoint
-
Credentials
Identity
You have two choices to set up the necessary credentials. You either pass the json to the
INDYKITE_APPLICATION_CREDENTIALS
environment variable or set theINDYKITE_APPLICATION_CREDENTIALS_FILE
environment variable to the configuration file's path.-
on Linux and OSX
export INDYKITE_APPLICATION_CREDENTIALS='{ "baseUrl": "", "defaultTenantId": "", "applicationId": "", "appSpaceId": "", "appAgentId": "", "endpoint": "", "privateKeyJWK": { "alg": "ES256", "crv": "P-256", "d": "", "kid": "", "kty": "EC", "use": "sig", "x": "", "y": "" }, "privateKeyPKCS8Base64":"", "privateKeyPKCS8": "" }'
or
export INDYKITE_APPLICATION_CREDENTIALS_FILE=/Users/xx/configuration.json
-
on Windows command line
setex INDYKITE_APPLICATION_CREDENTIALS='{ "baseUrl": "", "defaultTenantId": "", "applicationId": "", "appSpaceId": "", "appAgentId": "", "endpoint": "", "privateKeyJWK": { "alg": "ES256", "crv": "P-256", "d": "", "kid": "", "kty": "EC", "use": "sig", "x": "", "y": "" }, "privateKeyPKCS8Base64":"", "privateKeyPKCS8": "" }'
or
setex INDYKITE_APPLICATION_CREDENTIALS_FILE "C:\Users\xx\Documents\configuration.json"
-
Config
To manage its spaces, among other things, the DigitalTwin (DT) who owns the relevant customer creates a service account.
A service account is a non person entity which belongs to the DT who created it. It is a DT with its own credential which acts only through its owner.
A service account is always created under a customer.
The purpose of a service account is for a non person entity to manage the platform configuration: creating AppSpaces, creating applications, creating agent credentials, creating other service accounts, modify user permissions or any action through the Graph DB. The service account is also needed if you want to use Terraform for your configuration.
You have two choices to set up the necessary credentials. You either pass the json to the INDYKITE_SERVICE_ACCOUNT_CREDENTIALS
environment variable or set the INDYKITE_SERVICE_ACCOUNT_CREDENTIALS_FILE
environment variable to the configuration file's path.
-
on Linux and OSX
export INDYKITE_SERVICE_ACCOUNT_CREDENTIALS='{ "serviceAccountId":"", "endpoint":"", "privateKeyJWK":{ "alg":"ES256", "crv":"P-256", "d":"", "kid":"", "kty":"EC", "use":"sig", "x":"", "y":"" }, "privateKeyPKCS8Base64":"", "privateKeyPKCS8":"-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----\n" }'
or
export INDYKITE_SERVICE_ACCOUNT_CREDENTIALS_FILE=/Users/xx/configuration.json
-
on Windows command line
setex INDYKITE_SERVICE_ACCOUNT_CREDENTIALS='{ "serviceAccountId":"", "endpoint":"", "privateKeyJWK":{ "alg":"ES256", "crv":"P-256", "d":"", "kid":"", "kty":"EC", "use":"sig", "x":"", "y":"" }, "privateKeyPKCS8Base64":"", "privateKeyPKCS8":"-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----\n" }'
or
setex INDYKITE_SERVICE_ACCOUNT_CREDENTIALS_FILE "C:\Users\xx\Documents\configuration.json"
- Initialize a client to establish the connection. This client instance's
self.stub
will be used by the other functions.
Note: The client is opening a GRPC channel and the client must close the channel, too! If the client doesn't close the channel
after use, it can cause surprises like _InactiveRpcErrors
.
from indykite_sdk.identity import IdentityClient
import argparse
# Create parent parser
parser = argparse.ArgumentParser(description="Identity client API.")
parser.add_argument("-l", "--local", action="store_true", help="make the request to localhost")
subparsers = parser.add_subparsers(dest="command", help="sub-command help")
# Create
args = parser.parse_args()
local = args.local
client = IdentityClient(local)
- Close a GRPC channel
You simple call the
close()
function on the channel (TheIdentityClient()
function below represents the def in the previous step)
from indykite_sdk.identity import IdentityClient
def open_and_close_channel():
client = IdentityClient()
client.channel.close()
Running tests
To run unit tests, simply execute
pytest
To display code coverage, enter
pytest --cov .
Functions details
https://indykite.github.io/indykite-sdk-python/
Examples
https://github.com/indykite/indykite-sdk-python/tree/master/indykite_sdk
SDK Development
Commit message follows commit guidelines
Roadmap
Checkout our roadmap on our issues page
Contributing
Contribution guidelines for this project
Support, Feedback, Connect with other developers
Feel free to file a bug, submit an issue or give us feedback on our issues page
Vulnerability Reporting
Changelog
Contributers / Acknowledgements
Coming Soon!
What is IndyKite
IndyKite is a cloud identity platform built to secure and manage human & non-person (IoT) identities and their data. Based on open source standards, the cloud platform gives developers the ability to secure data and embed identity controls into their Web 3.0 applications. Empowering the world’s 23 million developers without the need to involve security and identity specialists.
License
This project is licensed under the terms of the Apache 2.0 license.
Changelog
1.36.0 (2024-02-13)
implement
- ENG-2778
Features
- implement knowledge and objects v1beta2 (920e7ad)
1.35.0 (2023-12-20)
Features
- clean identity deprecated param (62f83b0)
1.34.0 (2023-12-04)
Features
- add externalId subject in authz (3e5c5d4)
Miscellaneous Chores
- deps: update google-github-actions/auth action to v2 (0b64774)
1.33.1 (2023-11-28)
Bug Fixes
1.33.0 (2023-10-30)
Features
Miscellaneous Chores
- deps: update actions/setup-node action to v4 (6bd190e)
1.32.0 (2023-10-23)
Features
- add delete all nodes and old methods removal (b9c17f2)
1.31.0 (2023-10-17)
Features
- change resource id with external_id in authz (05bae8f)
1.30.0 (2023-10-10)
Features
- add authz config node versioning (7565a8a)
- add identity knowledge methods (9b041e6)
- change version and add limit in custom token (9579790)
- update authorization subject (1dbe080)
Miscellaneous Chores
- deps: update actions/checkout action to v4 (850a833)
- deps: update codecov/codecov-action action to v4 (2a7a805)
- master: release 1.29.0 (fd1655a)
1.29.0 (2023-09-14)
Features
- add authz config node versioning (7565a8a)
- change version and add limit in custom token (9579790)
- separate stream from ingest (1e094ee)
Miscellaneous Chores
1.28.0 (2023-08-23)
Features
- update ingest methods (1b02eff)
1.27.0 (2023-08-17)
Features
- remove local argument (c0d67ee)
1.26.0 (2023-08-15)
Features
- tokenLifetime, common clients and tokenSource (ee8ece2)
1.25.0 (2023-07-27)
Features
- add spaces config and check deletes (96908c6)
- custom login token (dc9e77a)
- update identity methods (cb07b18)
1.24.0 (2023-06-28)
Features
- add get_schema and refactor some config nodes (20bbf5b)
- add missing properties (0452cad)
- change get methods by read (04eb193)
- update docs (02caa75)
1.23.0 (2023-06-19)
Features
- add info in ingest (f2e2a0c)
- add readid and kg schema config nodes (cb47dbf)
- change spaces example (4c47fc8)
- change spaces example (058f251)
- update spaces (b66ed2c)
Bug Fixes
- repair release files (7bcb8f2)
Miscellaneous Chores
- master: release 1.23.0 (a436146)
1.22.0 (2023-06-06)
Features
Bug Fixes
- update buf generated files (4fd5d32)
1.21.0 (2023-05-30)
Features
- add backend example for spaces (18fd667)
- add ingestv2 methods tests and examples (907cb80)
- change options and add tags (8b42995)
- remove examples from pipeline (0c7c6d8)
- remove ingestv1 (a32d9b9)
Bug Fixes
1.20.0 (2023-04-24)
Features
- add create app with appagent cred (c76bc37)
- add who authorized (91976f7)
- change status due to reverse value (cfb6051)
- change status due to reverse value (17779bb)
1.19.0 (2023-04-18)
Features
- add authz policy config node (890c762)
1.18.0 (2023-04-17)
Features
- add what_authorized feature (d70b293)
- consent challenge (dd8a109)
- create consent challenge verifier (299d867)
1.17.0 (2023-04-11)
Features
- add http client (d558a02)
- remove is_authorized (cc4d9ed)
- update api.py (8d5ea54)
- update is_authorized method (1c13102)
- update is_authorized method (fd18e91)
Bug Fixes
1.16.0 (2023-03-21)
Features
- add session introspect (75bb9ea)
- change init returns (c2ce5fc)
- eng-114 register digital twin without cred (5a0295f)
1.15.0 (2023-03-14)
Features
1.14.0 (2023-02-21)
Features
1.13.0 (2023-02-16)
Features
1.12.0 (2023-02-10)
Features
- add logger in config methods (dbf1b36)
- add logger in identity and authz methods (f3039bb)
- add logger in identity and authz methods (5ba11fc)
Bug Fixes
- corrected is_authorized deserialization and tests (8091e5d)
- corrected is_authorized deserialization and tests (f273e38)
1.11.0 (2023-02-07)
Features
- add generated doc (d5581a4)
- add generated documentation (2eefbd8)
- add generated documentation (332f02a)
- add generated documentation (e736152)
- add oauth2 consent (833f7ac)
- add oauth2 consent (a83d83c)
- remove build in documentation (10850c9)
1.10.1 (2023-01-24)
Bug Fixes
- remove identifier_value from message_to_value.py (9747d84)
1.10.0 (2023-01-20)
Features
- add authorization (961701d)
- add authorization (2982050)
- add authorization (c6d6b6e)
- add authorization (2d922d7)
- add authorization with token (15544e2)
1.9.0 (2023-01-12)
Features
1.8.0 (2023-01-05)
Features
- add missing init files (cf0d5dd)
1.7.0 (2023-01-05)
Features
1.6.0 (2023-01-04)
Features
- change config after repo name changed (2d9f123)
- modif with repo name modification (5dbcb77)
- modif with repo name modification (8db8c97)
1.5.0 (2023-01-03)
Features
- uuid to gid and files renaming (a4ffd9e)
1.4.0 (2022-12-09)
Features
1.3.0 (2022-11-11)
Features
- add config application application agent (e2c1174)
- add config credentials (4eb114a)
- add config credentials (d7317eb)
- add config methods (82b7505)
- add config methods 2798 (3648f19)
- add config methods appspaces and tenants (bdbfa3c)
- add config methods appspaces tenants (92b6c14)
- add ingest api (39576d9)
- add service account credential (9b73e92)
- add service_accounts (facf4bd)
- update documentation (9fe3b71)
Bug Fixes
- return response in stream_records() (6c4f09d)
1.2.0 (2022-05-25)
Features
- get digital twin with properties (c515e56)
1.1.0 (2022-05-04)
Features
- add enrich token method (1298a5e)
1.0.2 (2022-04-29)
Bug Fixes
1.0.1 (2022-04-27)
Bug Fixes
- add encoding when open files (a5406ea)
Miscellaneous Chores
- add missing init.py files (c2d45b1)
1.0.0 (2022-04-26)
Miscellaneous Chores
- release 1.0.0 (23325c5)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for indykite-sdk-python-1.36.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8b0bc7501b853e516353670599e5964f2c333d2fbc2573303d9d9c9eb29f32fc |
|
MD5 | 780a3997b96a075088a71f02b90a7e4b |
|
BLAKE2b-256 | fa148b7cb85f7bf688528f697aa33045a0b57057daf998828a442f38b8d14499 |
Hashes for indykite_sdk_python-1.36.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 20dba6c9eb685a24c2163aa661a3766007f2dd381358e397534cb8176e1b4728 |
|
MD5 | 6bf0c963ae1b8aa557c4af540fa4a118 |
|
BLAKE2b-256 | a12c075c12e92dcd1ee94e68e38a7620ee2b4d315d64dfac396e0f16655c7a2c |