## Installation
Install the SDK using npm:
`` shell`
npm install elliptic-sdk --save
Usage of the SDK requires your Elliptic API keys, which would be
insecure to embed in a browser application. For this reason, we do not
advise calling our API from browser applications.
The SDK provides an instance of the popular Axios HTTP
client, adding the necessary steps to
authenticate each request using your Elliptic API key and secret.
` javascript
const { AML } = require("elliptic-sdk");
// client is an instance of axios
const { client } = new AML({
key: "YOUR_ELLIPTIC_API_KEY",
secret: "YOUR_ELLIPTIC_API_SECRET",
});
client.get("/v2/analyses").then((res) => console.log(res.data));
`
Elliptic signs the webhook events it sends to your endpoint, allowing
you to validate that they were not sent by a third-party. You can use
the WebhookRequestVerifier class to verify the signature of a webhook
request:
` javascript
const express = require("express");
const bodyParser = require("body-parser");
const { WebhookRequestVerifier } = require("elliptic-sdk");
const port = 1337;
const verifier = new WebhookRequestVerifier({
trustedPublicKey: "
expectedEndpointId:
"
});
const app = express();
const rawBodyMiddleware = bodyParser.raw({ type: () => true });
app.post("/", rawBodyMiddleware, (req, res) => {
try {
verifier.verify({
reqBody: req.body,
webhookIdHeader: req.headers["webhook-id"],
webhookTimestampHeader: req.headers["webhook-timestamp"],
webhookSignatureHeader: req.headers["webhook-signature"],
});
// Verification succeeded
res.status(200);
res.send("OK");
} catch (err) {
// Verification failed
console.error(err.message);
res.status(401);
res.send("Unauthorized");
}
});
app.listen(port, () => {
console.log(Server is running on port ${port});``
});
Documentation for Elliptic APIs can be found at the Elliptic Developer Center