Skip to main content

ApiKeyStamper

Introduction

The @turnkey/api-key-stamper package simplifies the process of using your public/private API keys and passkeys to stamp and approve activity requests for Turnkey's API. This stamping mechanism is central to the API's security, ensuring that each request is authenticated and authorized. For an in-depth understanding of API keys see this section.

Installing

To get started install the @turnkey/api-key-stamper client.

npm i @turnkey/api-key-stamper

Initializing

The ApiKeyStamper class implements the TStamper interface used by the TurnkeyClient in the @turnkey/http module. It encapsulates the logic necessary to sign activity requests and generates the appropriate HTTP headers for authentication. To get started with an ApiKeyStamper, you can initialize it using its constructor:

constructor(config: TApiKeyStamperConfig): TStamper

Parameters

configTApiKeyStamperConfigrequired

An object containing configuration settings for the stamper.

.apiPrivateKeystringrequired

Your Turnkey API private key.

.apiPublicKeystringrequired

Your Turnkey API public key.

Types

TApiKeyStamperConfig
type TApiKeyStamperConfig = {
  apiPublicKey: string;
  apiPrivateKey: string;
};
TStamper
interface TStamper {
  stamp: (input: string) => Promise<TStamp>;
}

Example

The example below shows how to initialize and use the ApiKeyStamper with the TurnkeyClient to make a request to Turnkey's /public/v1/query/whoami endpoint:

import { TurnkeyClient } from "@turnkey/http";
import { ApiKeyStamper } from "@turnkey/api-key-stamper";

// Following best practices, define parameters in your .env file
const baseUrl = process.env.TURNKEY_BASE_URL || "https://api.turnkey.com";
const apiPublicKey = process.env.TURNKEY_API_PUBLIC_KEY;
const apiPrivateKey = process.env.TURNKEY_API_PRIVATE_KEY;

// Initialize the API key stamper
const stamper = new ApiKeyStamper({ apiPublicKey, apiPrivateKey });

// Initialize the Turnkey client
const tk = new TurnkeyClient({ baseUrl }, stamper);

// Now you can make authenticated requests using the APIKeyStamper
const whoami = await tk.getWhoami({
  organizationId: "<Your Org ID>",
});

Methods

stamp: (input: string) => Promise<TStamp>

Creates a digital stamp which includes the public key, signature scheme, and a signature.

Parameters

payloadstringrequired

The payload that needs to be stamped.

Types

TStamp
type TStamp = {
  stampHeaderName: string;
  stampHeaderValue: string;
};