SDKs

Overview

The idOS SDK provides developers with a comprehensive toolkit for interacting with the idOS node network, allowing seamless integration of identity verification, access management, and encrypted data handling into applications. It is designed to be modular and flexible, enabling developers to choose which functionalities they need without unnecessary overhead.

The SDK is structured into three main components:

1. Core SDK – Provides core functionalities, including authentication, encryption, and interaction with idOS nodes.

2. Data Consumer SDK – Extends the Core SDK to allow applications to request and retrieve user data with user consent.

3. Data Issuer SDK – Also built on the Core SDK, it enables identity issuers (e.g. legally obliged entities, KYC providers, etc) to issue, sign, and store Verifiable Credentials in idOS.

By leveraging the idOS SDK, developers can securely request, issue, and manage identity-related data while ensuring compliance with privacy-first and user-controlled access principles.

Core SDK

Github: https://github.com/idos-network/idos-sdk-js/tree/main/packages/idos-sdk-js

NPM: https://www.npmjs.com/package/@idos-network/idos-sdk

pnpm add @idos-network/idos-sdk ethers near-api-js

The Core SDK is the fundamental module of the idOS SDK ecosystem. It provides core functionalities needed to interact with the idOS infrastructure, making it an essential dependency for the Data Consumer SDK and Data Issuer SDK.

Core Features & Functionalities

Authentication & Authorization

The Core SDK ensures secure wallet-based authentication using cryptographic signatures. To prevent replay attacks, authentication requests include an incrementing nonce. Authorization is managed through signed queries, verifying that the request originates from a valid wallet.

Encryption & Decryption

The SDK leverages NaCl/libsodium (Curve25519 + ChaPoly AEAD) encryption to protect user data. Encryption is applied at multiple stages, ensuring that only the user or explicitly authorized parties can access decrypted data.

Node Interaction & API Calls

The Core SDK provides secure API connections to idOS nodes, allowing applications to store, retrieve, and update encrypted identity data. It also supports querying the relational database structure of the idOS network.

For most use-case it is not required to include the idOS Core SDK directly, since it is part of the more targeted Issuer and Consumer SDKs.

Data Consumer SDK

Github: https://github.com/idos-network/idos-sdk-js/tree/main/packages/consumer-sdk-js

NPM: https://www.npmjs.com/package/@idos-network/idos-sdk-server-dapp

pnpm add @idos-network/idos-sdk-server-dapp ethers near-api-js

The Data Consumer SDK is designed for applications, institutions, and services that need permissioned access to user identity data while ensuring privacy-first authentication and encryption. Built on the Core SDK, it enables seamless requesting and retrieving of user data without compromising decentralization.

Key Features

Requesting Access to User Data

Applications can send permission requests through the SDK, which users must approve before data can be accessed. The SDK supports different access control levels, including read-only, time-limited, and delegated access.

Retrieving Encrypted User Data

Once a user grants access, the SDK retrieves encrypted Verifiable Credentials from the idOS node network. Data is then decrypted using the requesting entity’s private key, ensuring secure and controlled access.

The Data Consumer SDK is ideal for financial institutions, Web3 applications, and enterprises needing on-demand identity verification without storing sensitive user data locally.

Data Issuer SDK

Github: https://github.com/idos-network/idos-sdk-js/tree/main/packages/issuer-sdk-js

NPM: https://www.npmjs.com/package/@idos-network/issuer-sdk-js

pnpm add @idos-network/issuer-sdk-js ethers near-api-js

The Data Issuer SDK is specifically designed for trusted identity issuers, such as KYC providers, government agencies, and enterprise identity verifiers. It extends the Core SDK with features that enable the issuance, signing, and secure storage of Verifiable Credentials on the idOS network.

Key Features

Issuing Verifiable Credentials

Identity providers can use the SDK to generate and sign credentials, ensuring that each issued credential is cryptographically verifiable and immutable.

Encryption & Signing for Privacy-Preserving Storage

The SDK encrypts credentials using randomly generated keys for issuers rather than a static public key, enhancing forward secrecy and privacy protection.

Credential Revocations

Issuers can revoke credentials based on changes in a user’s status (e.g., expired KYC documents, employment verification updates). The SDK allows credentials to be issued with automatic expiration dates.

By using the Data Issuer SDK, organizations can seamlessly issue trusted identity credentials while ensuring privacy and user control over identity data.