LogoLogo
v3.8.x
v3.8.x
  • Introduction
  • Concept
  • Prerequisites
  • Trust1Connector JS SDK
  • Release Notes
  • Installation Profiles
  • Core
    • Setting up the SDK
    • Initialize Trust1Connector
    • DNS Rebind
    • Readers
    • Core Service
    • Downloading latest Trust1Connector
    • Consent
    • Authenticated client
    • Module/container setup
    • Status codes / error handeling
    • Quick-Migration Guide (v2 -> v3)
  • Token
    • Token typing models
    • Generic token
    • Belgian eID
    • Aventra MyEID PKI
    • Idemia Cosmo One v8.2
    • Oberthur Cosmo One v7.3
    • Diplad (BeLawyer)
    • Chambersign*
    • Camerfirma*
    • Certigna*
    • Certinomis*
    • Jcop3*
    • Airbus
    • Eherkenning
    • Safenet*
    • Luxembourg ID
    • LuxTrust
  • Truststore
    • Introduction
    • Truststore API
    • Other PKCS11 Compatible Tokens*
  • Payment
    • Payment typing models
    • EMV*
    • Crelan
  • FIle
    • File exchange
    • Custom
      • VDDS
  • HSM
    • Remote loading
  • Other
    • Print
    • Wacom*
    • Simple Sign
  • Miscellaneous
    • Prerequisites New Token/Smart Card
    • Prerequisites Support
    • Troubleshooting
      • Connector Connection Issues
      • Windows
      • Windows dynamic port range
      • Mac OSX Sonoma and higher
      • Mac OSX Sonoma and higher Smart-card reader issue
      • MacOS Rosetta
      • Enable Debug Logging
      • Changing Device date/time
      • Disable DNS rebind pop-up
    • Installation FAQ
    • Removal of Trust1Connector
  • Installation Manual
    • Windows
    • Mac OSX
Powered by GitBook
On this page
  • Introduction
  • Retrieving a JWT token
  • Refresh JWT token
  • Distribution services

Was this helpful?

Export as PDF
  1. Core

Authenticated client

Sample code uses ES6 language features such as arrow functions and promises. For compatibility with IE11, code written with these features must be either transpiled using tools like Babel or refactored accordingly using callbacks.

Introduction

The Trust1Connector API requires a valid JWT token to be provided in the Authorization header. This JWT token can be retrieved by asking the Distribution Service to generate a token for a specific API-key. It is important that this API-key is not exposed in the front-end application as this is a security violation.

When you've received a valid JWT token from the DS you can provide this into the configuration object when initialising the Trust1Connector JS client.

// Config object definition
export class T1CConfigOptions {
  constructor(
    public t1cApiUrl?: string,
    public t1cApiPort?: string,
    public t1cProxyUrl?: string,
    public t1cProxyPort?: string,
    public jwt?: string
  ) {}
}



// example
const configoptions = new T1CSdk.T1CConfigOptions(
  environment.t1cApiUrl,
  environment.t1cApiPort,
  environment.t1cProxyUrl,
  environment.t1cProxyPort,
  environment.jwt
);
config = new T1CSdk.T1CConfig(configoptions);

When using the Trust1Connector Javascript SDK the Authorization header is automatically populated with the JWT provided while initialising.

When the Token has expired there is a function which you can call to provide a new token and which will in turn return an updated client to be used.

Retrieving a JWT token

Retrieving a valid JWT token happens via the DS. When passing a valid API-key to header of the endpoint {{ds-url}}/v3/tokens/application (GET) you wil in turn receive a valid JWT token.

curl --location --request GET 'https://acc-ds.t1t.io/v3_5/tokens/application' \
--header 'apikey: your-api-key'

Example response

{
    "success": true,
    "data": "eyJraWQiOiJ0MWNkcyIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJ0MWNkcy1hcHAiLCJzdWIiOiJkZXZlbG9wbWVudCIsImV4cCI6MTU5OTA1MTExMywiaWF0IjoxNTk5MDQ5OTEzLCJuYmYiOjE1OTkwNDk5MDh9.LE_AdYv9PWxqSRm6-lkV_3TxInCqbf_hTwHFKCFfYwkuzex6AMkeW6FaVCOxu-EBU158S2g70i4VBpeT2TAr0IoOyjK-nalvVG5aB9MwidZMtiPlidcUfsDhsyhbhwqlhI2dzB5J5KsBmvZwpoG-Pg2koUSidruixg3SxRrCMotBRlRNKItnYgfs6_wvd_OOLXs2OlufYOD876MWcJymBK48wf9ESQ50clR3zwPAQsNnXFq2Augk0gOlCgWO1--WgaFeMnBF28b7genZXIkwZCfT82nRYtiOs0zLK2WtyireTHDgjIZif4nX8pggE7t_63Hbv8wCvv8_Mg2PfdhCMQ"
}

Refresh JWT token

Refreshing the JWT token can only be done after a first successfull initialisation of the Trust1Connector. This means the Trust1Connector has to be initialised with a valid configuration the first time. When the token expires after first successfull initialisation you can use the refreshJWT function described below

A JWT token is only valid for a certain period. After this period the API will return an error. At this point you need to request a new JWT token to be able to communicate with the API.

In the T1C JS SDK there is a function which you can use to re-initalise the client with a new valid JWT token. This should be done when you receive a 104025 error-code which means you do not have a valid JWT

The updateJWT function can be found in the Core service. After initialising you can retrieve the core as follows:

const configoptions = new T1CSdk.T1CConfigOptions(
  environment.t1cApiUrl,
  environment.t1cApiPort,
  environment.t1cProxyUrl,
  environment.t1cProxyPort,
  environment.jwt
);
config = new T1CSdk.T1CConfig(configoptions);

T1CSdk.T1CClient.initialize(config).then(res => {
        client = res;
        console.log("Client config: ", client.localConfig)
        core = client.core();
    }, err => {});

The function's interface is as follows;

updateJWT(jwt: string, callback?: (error: T1CLibException, data?: T1CClient) => void): Promise<T1CClient>

This function returns an updated client which you can continue to use for your desired use-cases.

core.updateJWT("jwt").then(client => {}, error => {});

Distribution services

Environment

DS url

Acceptance

https://acc-ds.t1t.io

Production

https://ds.t1t.io

PreviousConsentNextModule/container setup

Was this helpful?