const client = new Diffuse('APPLICATION_ID', 'APPLICATION_SECRET');
For public endpoints
If the endpoint you want to fetch and generate a proof of the response. This endpoint is public and doesn't need any private data like auth headers/API keys.
This is useful when
The verifier needs to verify without re-doing the API call
The API doesn't need any private headers or auth
The proof or response needs to be generated for a particular endpoint now and verified later
This will replace the '{{value}}' in the body with 'secret_value' and send the request to the server. but the secret_value will remain hidden from the verifier and will not be revealed in the proof.
Using CookieStr
You can add cookieStr to the request. This won't be revealed in the proof and hidden from the verifier.
You can also use responseMatches and responseRedactions to match and redact the response. This is useful when you want to verify the response against a particular value or redact some part of the response.
const publicOptions = {
method: 'GET', // or POST
headers : {
accept: 'application/json, text/plain, */*'
}
}
const privateOptions = {
responseMatches: [
{
type: 'contains' | 'regex', // type of match
value: '<HTTP RESPONSE TEXT>' | '<REGEX>', // value to match or regex to match
}
],
responseRedactions: [
{
jsonPath: '$.data', // JSON path to redact
xPath: '/data', // Xpath to redact
regex: '<REGEX>', // Regex to redact
}
]
}
const proof = await client.fetchProof(
'https://your.url.org',
publicOptions,
privateOptions
)
Note: The responseMatches and responseRedactions are optional and can be used as per the requirement.