E3Kit Quickstart
In the following guide, we'll help you to get started with the Virgil E3Kit quickly by running code samples that we provide, and present some common ways to build end-to-end encryption between two fictional characters Alice and Bob.
Before you begin
The first thing we need to do is grab all the necessary information from our Virgil Account. To set up our back-end for E3Kit client, we will need the following credentials:
Use ".env" button in section E3Kit to generate a credentials bundle for your Virgil Application.
Name | Description |
---|---|
APP_ID | The ID of your Virgil Application - create one at Virgil Dashboard. |
APP_KEY | App Keys consist of a public-private key pair specific to a Virgil Application. The private key is held by your backend and used to sign unique JWTs for each user, and the public key is stored in the Virgil Cloud to verify the signature of the JWTs to allow those users to perform operations on Virgil Cloud. |
APP_KEY_ID | ID of your generated APP_KEY . Find it next to your generated App Key in the dashboard. |
Configure and run sample backend
To get started with a simple app you'll need a backend. We'll use the backend to authenticate users Alice and Bob. You're welcome to use any kind of backend server technology you want for your own application, but we've got a pretty simple little set of code for you to use to get started.
Clone one of our sample backend repositories and follow the instruction in the README to configure and run it on your machine, using the credentials you obtained in the previous step:
Node.js | Golang | PHP | Java | Python
Configure and run sample client
Before you get started building your own client, you might want to check out one of our available samples to get an idea of a basic flow for your app.
How it works
When you run one of the sample backends, it exposes two HTTP endpoints: /authenticate
and /virgil-jwt
. The first endpoint represents your authentication strategy. In this sample's case, it's a really weak authentication strategy that just requires an identity
parameter. Your real authentication should be stronger, using a validated strategy such as strong passwords and/or SMS codes. The second endpoint generates Virgil JWTs for authenticated users, which allows them to communicate with Virgil's services to store and search for public keys, among other features.
After those endpoints are exposed, you can run one of the sample clients. The sample client will simulate, in code only, an end-to-end encrypted communication between Alice and Bob. To do this, first, it will reach the /authenticate
endpoint to authenticate Alice, and then Bob. After Alice and Bob are authenticated, it will reach the /virgil-jwt
endpoint to initialize E3Kit for each of them. After E3Kit is initialized, the sample will go through a basic flow between Alice and Bob using E3Kit's available methods, which you'll learn about in the next guides.
Next steps
Now that you've seen the end-to-end encryption flow working with sample code, we'll explore in the next guides how you can build end-to-end encryption into your existing applications.