TypeScript icon, indicating that this package has built-in type declarations

0.29.1 • Public • Published


This module is a plugin for the Seald SDK : @seald-io/sdk.

The @seald-io/sdk-plugin-ssks-2mr module allows to use the SSKS key storage service to store Seald identities easily and securely, encrypted by a key stored on your back-end server.

This module exposes a function, that takes keyStorageURL as argument, and returns a SDKPlugin which can be passed to the SealdSDK constructor.

When the Seald SDK is passed this plugin, the SealdSDK instance is modified to have a ssks2MR property, which exposes the SSKS2MR interface.

To use this plugin, your back-end server must first create an SSKS identity for the user in question by giving their email address. Also, the server has to generate a secure random secret key (called "twoManRuleKey") for the user.

After that, before each use of this plugin, your back-end server must start an SSKS session for the user. The server responds with a session_id and with a boolean must_authenticate.

If there has never been an identity stored on SSKS for this user, the server responds with must_authenticate to false. In that case, you can directly call saveIdentity with no challenge.

Otherwise, the user then receives an email, containing a challenge, and this plugin can use the sessionId, the twoManRuleKey, and the challenge to store or retrieve their Seald identity on SSKS.

If the identity has been stored without no challenge, the first time the identity is retrieved afterwards, the keys of the identity in question are automatically renewed and stored again onto SSKS. If the same identity is also stored elsewhere (for example with @seald-io/sdk-plugin-ssks-password), you will have to save it again.


import SealdSDK from '@seald-io/sdk'
import SealdSDKPluginSSKS2MR from '@seald-io/sdk-plugin-ssks-2mr'

const seald = SealdSDK({
  plugins: [SealdSDKPluginSSKS2MR(keyStorageURL)] // passing the plugin to SealdSDK
await seald.initialize()

// Creating a Seald identity
await seald.initiateIdentity({ signupJWT })
// The SealdSDK instance now has a `ssks2MR` property : we can use `saveIdentity`
await seald.ssks2MR.saveIdentity({ userId, sessionId, authFactor: { type: 'EM', value: emailAdress}, twoManRuleKey }) // `twoManRuleKey` is the secret key stored by your app's back-end to secure this user's identity

For more information, visit our website : https://seald.io

For the full documentation, visit our documentation page : https://docs.seald.io/en/sdk/

© 2023 Seald SAS

You can find the license information of Open Source libraries used in Seald SDK for JavaScript at https://download.seald.io/download/js_dependencies_licenses.txt.




Package Sidebar


npm i @seald-io/sdk-plugin-ssks-2mr

Weekly Downloads






Unpacked Size

689 kB

Total Files


Last publish


  • arantes
  • seald
  • tex0l