Demo community project to authenticate users with the SafeNet platform using REST API

thalesdemo/safenet-auth-api

SafeNet RESTful Authentication Gateway

🚀 Get Started with Our SafeNet RESTful Authentication Gateway on Docker Hub!

👉 Alternatively, deploy this project directly using our JAR file! Check out the jar folder in our repository for step-by-step instructions.

Important Notice

Thank you for your interest in our demo project! It is important to note that the project is in development. Please also note that this project has been independently developed and is not official software released by Thales for end-users or developers. Please use the project at your own discretion and assume any potential risks associated with its use.

Summary

This microservice is a REST-based solution that allows for secure and efficient authentication against SafeNet authentication servers. It provides simple and easy-to-use endpoints that handle user authentication and credential validation. With advanced security features such as GRID or Push OTP authentication, the SafeNet RESTful Authentication Gateway ensures secure and auditable authentication transactions, making it an ideal solution for any application or service that requires secure user authentication.

Deployment Guidelines

To run the Docker image, create a dotenv file named .env in your working directory and fill in the values shown below. No modifications are necessary to the docker-compose.yml file, and it should be stored in the same directory as the dotenv file.

To operate this image, you must have your Agent.bsidkey SafeNet encryption key readily available.

Please keep in mind that the authentication agent underlying this image depends on the SafeNet TokenValidator endpoints. To ensure uninterrupted functionality, it is important to whitelist your public-facing IP address(es) in the Auth Nodes section of the SafeNet management console. Alternatively, you may supply the orgCode query parameter directly in the JCRYPTO_INI file to eliminate the aforementioned whitelisting requirement. In the current Docker release, the INI file must be manually modified within the running container (under /app/config/config.ini) to include this orgCode query parameter.

Configuration Files

.env

SAFENET_SERVER_HOST=cloud.us.safenetid.com
HOST_AGENT_KEY_PATH=/host/path/to/your/tenant/Agent.bsidkey
RESOURCE_NAME=SafeNet Gateway Demo
API_SERVER_PORT=8888
API_LOG_LEVEL=INFO

docker-compose.yml

version: '3'

services:
  safenet-auth-api:
    image: thalesdemo/safenet-auth-api
    container_name: safenet-auth-api
    environment:
      HOST_AGENT_KEY_PATH: ${HOST_AGENT_KEY_PATH}
      SAFENET_SERVER_HOST: ${SAFENET_SERVER_HOST}
      API_SERVER_PORT: ${API_SERVER_PORT}
      API_LOG_LEVEL: ${API_LOG_LEVEL}
      API_KEY_HASH: ${API_KEY_HASH-}
      RESOURCE_NAME: ${RESOURCE_NAME-}
      JCRYPTO_INI_PATH: /app/config/config.ini
    volumes:
      - type: bind
        source: ${HOST_AGENT_KEY_PATH}
        target: /app/secret/agent.key
        read_only: true
    ports:
      - ${API_SERVER_PORT}:${API_SERVER_PORT}
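
A pre-flight check for the .env file above, run before starting the container. It is an added example, not part of the original project: it reports required variables that are missing, an invalid port, and an agent key file that is absent or accessible to other host users. The names parse_env, preflight and demo are hypothetical, the parser handles only simple KEY=VALUE lines, and the sample key file is a constructed placeholder.

```python
import os
import stat
import tempfile

# Variables that docker-compose.yml interpolates without a "-" default.
REQUIRED = ("SAFENET_SERVER_HOST", "HOST_AGENT_KEY_PATH", "API_SERVER_PORT", "API_LOG_LEVEL")


def parse_env(text):
    """Simplified parser: KEY=VALUE lines only, skips blanks and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value.strip().strip("'\"")
    return env


def preflight(env):
    """Return a list of findings; an empty list means every check passed."""
    findings = [f"{name} is missing or empty" for name in REQUIRED if not env.get(name)]
    port = env.get("API_SERVER_PORT", "")
    if port and not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
        findings.append(f"API_SERVER_PORT is not a valid TCP port: {port!r}")
    key_path = env.get("HOST_AGENT_KEY_PATH", "")
    if key_path:
        if not os.path.isfile(key_path):
            findings.append(f"agent key is not a regular file: {key_path}")
        elif stat.S_IMODE(os.stat(key_path).st_mode) & (stat.S_IROTH | stat.S_IWOTH):
            # Assumption: the container user can still read the key once
            # access for other host users is removed.
            findings.append(f"agent key is accessible to other users: {key_path}")
    return findings


def demo():
    """Constructed sample: a placeholder key with mode 0644 and a bad port."""
    with tempfile.TemporaryDirectory() as workdir:
        key = os.path.join(workdir, "Agent.bsidkey")
        with open(key, "wb") as handle:
            handle.write(b"constructed placeholder, not a real key")
        os.chmod(key, 0o644)
        lines = ["SAFENET_SERVER_HOST=cloud.us.safenetid.com", f"HOST_AGENT_KEY_PATH={key}",
                 "API_SERVER_PORT=88888", "API_LOG_LEVEL=INFO"]
        return preflight(parse_env("\n".join(lines)))


if __name__ == "__main__":
    print("\n".join(demo()))
```

To check a real deployment, pass the contents of your own .env to parse_env and treat any returned finding as a reason to stop before running docker-compose.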

Starting the Docker Container

When you are ready, go to your working directory and start the container by running:

docker-compose up

Then, follow the instructions that appear on the screen to get your unique client header key. You must supply this key in the X-API-Key header for every HTTP request.

API Reference

To view the API documentation and all available endpoints, open your web browser and go to http://localhost:8888.

Contact Us

If you have any feedback to share or would like to request new features, please feel free to reach out to us at [email protected]. We welcome your input!