Install the SDK using npm:
npm install elliptic-sdk --saveUsage of the SDK requires your Elliptic API keys, which would be insecure to embed in a browser application. For this reason, we do not advise calling our API from browser applications.
The SDK provides an instance of the popular Axios HTTP client, adding the necessary steps to authenticate each request using your Elliptic API key and secret.
const { AML } = require("elliptic-sdk");
// `client` is an instance of axios
const { client } = new AML({
key: "YOUR_ELLIPTIC_API_KEY",
secret: "YOUR_ELLIPTIC_API_SECRET",
});
client.get("/v2/analyses").then((res) => console.log(res.data));Elliptic signs the webhook events it sends to your endpoint, allowing
you to validate that they were not sent by a third-party. You can use
the WebhookRequestVerifier class to verify the signature of a webhook
request:
const express = require("express");
const bodyParser = require("body-parser");
const { WebhookRequestVerifier } = require("elliptic-sdk");
const port = 1337;
const verifier = new WebhookRequestVerifier({
trustedPublicKey: "<This can be found from Elliptic's docs>",
expectedEndpointId:
"<This will be provided when your webhook integration is set up by Elliptic>",
});
const app = express();
const rawBodyMiddleware = bodyParser.raw({ type: () => true });
app.post("/", rawBodyMiddleware, (req, res) => {
try {
verifier.verify({
reqBody: req.body,
webhookIdHeader: req.headers["webhook-id"],
webhookTimestampHeader: req.headers["webhook-timestamp"],
webhookSignatureHeader: req.headers["webhook-signature"],
});
// Verification succeeded
res.status(200);
res.send("OK");
} catch (err) {
// Verification failed
console.error(err.message);
res.status(401);
res.send("Unauthorized");
}
});
app.listen(port, () => {
console.log(`Server is running on port ${port}`);
});Documentation for Elliptic APIs can be found at the Elliptic Developer Center
This SDK is distributed under the Apache License, Version 2.0, see LICENSE and NOTICE for more information.