Server SDKs Overview

There are three SDKs available to you to integrate your server side to Rapid if you prefer this option over interacting with the Web API directly.

Methods

Each SDK has a set of methods to perform the actions against the RapID Restful Web API.

RequestIdentity

The RequestIdentity method takes in an anonymous identifier and calls into the credentials API. The response object populated in each SDK is deserialised from the JSON response from the Web API.

{
    "AnonId":"<AnonId for User>",
    "RequestId":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "PreventCollection":false
}

The method name for each SDK is: C# RequestIdentity | PHP requestIdentity| Ruby request_identity

Credential Collection

There are four methods in each SDK which manage credential collection which take either an anonymous identifier or a RequestId. Preventing collection means that a credential will no longer be able to be collected, replaced or automatically renewed. This is allowed by default and can be turned back on by calling an allow collection method.

C#
PreventCredentialCollection and AllowCredentialCollection
PreventCredentialCollectionByRequestId and AllowCredentialCollectionByRequestId

PHP
preventCredentialCollection and allowCredentialCollection
preventCredentialCollectionByRequestId and allowCredentialCollectionByRequestId

Ruby
prevent_credential_collection and allow_credential_collection
prevent_credential_collection_by_requestid and allow_credential_collection_by_requestid

The response object populated in each SDK is deserialised from the JSON response from the Web API.

{
    "AnonId":"<AnonId for User>",
    "RequestId":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "PreventCollection":false
}

Note: The RequestId will only be returned if you are using the specific RequestId methods.

Credential Replacement

If a user changes a device for any reason you will need to request a replacement credential. Each SDK has a set of methods to replace a credential through the anonymous identifier or the RequestId. In addition, each method takes an optional second parameter to allow you to specify a new anonymous identifier newAnonymousId. When replacing credentials linked to lost or stolen devices, we would advise specifying a new anonymous identifier since this allows you to detect and prevent future use from the old device.

If you choose not to use unique anonymous identifiers for each of your end users' devices you will need to make use of the ByRequestId variants. This means that you must capture the request ID whenever a new credential is generated.

C#
ReplaceCredential and ReplaceCredentialByRequestId

PHP
replaceCredential and replaceCredentialByRequestId

Ruby
replace_credential and replace_credential_by_requestid

The response object populated in each SDK is deserialised from the JSON response from the Web API.

{
    "AnonId":"<AnonId for User",
    "RequestId":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
}

Authenticated User

This method will return the anonymous identifier from the certificate provided during two way TLS. This anonymous identifier is the one provided during registration which should map to a user in your system.

The method name for each SDK is: C# GetAuthenticatedUser | PHP authenticated_user| Ruby authenticated_user

Reseed

Each SDK contains a reseed method. It takes a RequestId as a parameter to reset a given test credential back to it's initial state. The testing anonymous identifiers are specified in the testing section of the documentation. These are used in the RequestIdentity calls to get back appropriate RequestId values. Once you collect a test credential it is updated as collected and if you wish to collect it again you will need to reseed it.

Deprecated Methods

There are a number of methods that have been deprecated as the SDKs move forward with feature improvements and bug fixes. These are outlined in further detail in each respective SDK.