Sanctum Quick Start Guide
This quick start guide walks you through:
- Signing up and creating an Organisation in the Demo Haventec Console environment
- Adding your Sanctum-enabled Application
- Downloading and configuring the Haventec Sanctum Postman files
- Interacting with the Sanctum APIs using Postman
Go to Haventec Console Demo and sign up your organisation.
Add your Sanctum enabled Application
Once you have signed up, add your application by going to Applications and clicking the Add application button.
- Enter your Application name
- Enter your Application description
- Tick the checkbox to enable Sanctum
Optional steps to secure vaults with a JWT
Sanctum supports securing vaults with JWTs. The application must enable this feature upon creation. ES384 (ECDSA using P-384 curve and SHA-384) is the only supported algorithm. If you wish to secure vaults with a JWT, tick the "Tick to enable JWT Validation" checkbox.
The JWT payload must contain the key "role", and its value must match at least one of the claims specified. An example payload of a JWT is provided below.
To access vaults, the user must send a valid JWT in the "Authorization" header using the Bearer scheme. Please see below for an example of the header.
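As an added illustration (not Haventec's code and not part of the original guide), the Node.js sketch below signs a JWT with ES384, builds the Bearer header, and applies the checks described above: algorithm pinned to ES384, signature verified, "role" matched against the configured claims. The key pair, role names, function names, and the assumption that "role" is a string or an array of strings are constructed for the example; how Sanctum obtains the verification key is not covered here.

```javascript
// Added example: key pair, role names and function names are constructed.
const crypto = require('crypto');

const b64u = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

// Sign with ES384 (ECDSA P-384 + SHA-384). JWS uses the raw r||s signature
// form ("ieee-p1363"), not the DER encoding Node produces by default.
function signEs384(payload, privateKey) {
  const input = `${b64u({ alg: 'ES384', typ: 'JWT' })}.${b64u(payload)}`;
  const sig = crypto.sign('sha384', Buffer.from(input),
    { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${sig.toString('base64url')}`;
}

// Value of the "Authorization" header, Bearer scheme.
const bearerHeader = (jwt) => `Bearer ${jwt}`;

function checkBearer(headerValue, publicKey, allowedRoles) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(headerValue || '');
  if (!m) return { ok: false, reason: 'malformed Authorization header' };
  const [, h, p, s] = m;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString());
    payload = JSON.parse(Buffer.from(p, 'base64url').toString());
  } catch { return { ok: false, reason: 'undecodable token' }; }
  // Pin the algorithm before verifying: rejects "none", HS384, ES256, ...
  if (header?.alg !== 'ES384') return { ok: false, reason: 'alg is not ES384' };
  const sig = Buffer.from(s, 'base64url');
  // A P-384 signature in r||s form is exactly 96 bytes.
  if (sig.length !== 96) return { ok: false, reason: 'bad signature' };
  const valid = crypto.verify('sha384', Buffer.from(`${h}.${p}`),
    { key: publicKey, dsaEncoding: 'ieee-p1363' }, sig);
  if (!valid) return { ok: false, reason: 'bad signature' };
  // Assumption: "role" is a string or an array of strings.
  const roles = [].concat(payload?.role ?? []);
  if (!roles.some((r) => allowedRoles.includes(r))) return { ok: false, reason: 'role not allowed' };
  return { ok: true, roles };
}

// Constructed demo: secp384r1 is the P-384 curve.
const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'secp384r1' });
const demoHeader = bearerHeader(signEs384({ sub: 'user-1', role: 'vault-user' }, privateKey));
console.log(checkBearer(demoHeader, publicKey, ['vault-user', 'vault-admin']));
```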
This will create your new application and display its Application UUID and API Key. You will need these to start using your application with Postman.
Downloading and configuring your Postman files
Download the Haventec Sanctum Postman collection and environment file below:
Import your collection and environment file into Postman.
Insert your Application UUID and API Key into the Postman environment file:
Click "Update" and you're ready to start interacting with the Sanctum APIs.
Interacting with the Sanctum APIs
You are now ready to call the Sanctum APIs! Select the "Create Generic Offline Vault" API in the collection and click "Send".
Run the APIs in order, as the output of one API is required as the input of the next (e.g. for the Expiry vaults, the output of the Create expiry generic offline vault API is required to call the Get expiry generic offline vault API).