Skip to main content
Public package: The @truthlock/sdk package is available on the public npm registry. No special configuration required.

Installation

bash npm npm install @truthlock/sdk  bash yarn yarn add     @truthlock/sdk  bash pnpm pnpm add @truthlock/sdk

Quick Start

quickstart.ts
import { TruthlockClient, Algorithm, Verdict } from "@truthlock/sdk";

// 1. Create client
const client = new TruthlockClient({
  baseUrl: "https://api.truthlocks.com",
  auth: {
    type: "apiKey",
    apiKey: "tl_live_...",
    tenantId: "your-tenant-id",
  },
});

// 2. Create and trust an issuer
const issuer = await client.issuers.create({
  name: "My Organization",
  legal_name: "My Organization Inc.",
  display_name: "My Org",
});
await client.issuers.trust(issuer.id);

// 3. Register a signing key
await client.keys.register(issuer.id, {
  kid: "key-2026",
  alg: Algorithm.Ed25519,
  public_key_b64url: "your-public-key-base64url",
});

// 4. Mint an attestation
const attestation = await client.attestations.mint({
  issuer_id: issuer.id,
  kid: "key-2026",
  alg: Algorithm.Ed25519,
  schema: "degree",
  claims: {
    student_name: "Jane Doe",
    degree_type: "Bachelor of Science",
  },
});

console.log("Attestation ID:", attestation.id);

// 5. Verify
const result = await client.verify.verifyOnline({
  attestation_id: attestation.id,
});

if (result.verdict === Verdict.Valid) {
  console.log("Attestation verified successfully");
}

Configuration

const client = new TruthlockClient({
  // Required
  baseUrl: 'https://api.truthlocks.com',  // API base URL
  auth: { ... },                           // See Authentication below

  // Optional
  timeout: 30_000,              // Request timeout in ms (default: 30s)
  maxRetries: 3,                // Auto-retry with exponential backoff
  idempotencyPrefix: 'my-app',  // Prefix for auto-generated idempotency keys
});

Authentication

Three authentication methods are supported. API Key is recommended for server-side applications.
API Key (recommended)
auth: {
  type: 'apiKey',
  apiKey: 'tl_live_...',     // From Console > Settings > API Keys
  tenantId: 'your-tenant-id', // From Console > Settings > General
}
Bearer Token (session-based)
auth: {
  type: 'bearer',
  token: 'eyJhbGciOi...',  // JWT from login flow
}
Service Key (machine-to-machine)
auth: {
  type: 'service',
  apiKey: 'tl_svc_...',
  tenantId: 'your-tenant-id',
}

API Methods

All methods return typed Promises.

Issuers

  • client.issuers.create(data)
  • client.issuers.get(id)
  • client.issuers.list()
  • client.issuers.trust(id)
  • client.issuers.suspend(id)
  • client.issuers.revoke(id, reason)

Keys

  • client.keys.register(issuerId, data)
  • client.keys.list(issuerId)
  • client.keys.rotate(kid, data)
  • client.keys.reportCompromise(kid)

Attestations

  • client.attestations.mint(data)
  • client.attestations.get(id)
  • client.attestations.list()
  • client.attestations.revoke(id, data)
  • client.attestations.supersede(id, data)
  • client.attestations.getProofBundle(id)

Verification

  • client.verify.verifyOnline(data)

API Keys

  • client.apiKeys.list()
  • client.apiKeys.create(data)
  • client.apiKeys.revoke(id)

Audit

  • client.audit.query(params)
  • client.audit.export(data)

Governance

  • client.governance.listRequests()
  • client.governance.createRequest(data)
  • client.governance.approveRequest(id)
  • client.governance.executeRequest(id)