E3Kit Quickstart

In the following guide, we'll help you to get started with the Virgil E3Kit quickly by running code samples that we provide, and present some common ways to build end-to-end encryption between two fictional characters Alice and Bob.

Before you begin

The first thing we need to do is grab all the necessary information from our Virgil Account. To set up our back-end for E3Kit client, we will need the following credentials:

Use ".env" button in section E3Kit to generate a credentials bundle for your Virgil Application.

APP_IDThe ID of your Virgil Application - create one at Virgil Dashboard.
APP_KEYApp Keys consist of a public-private key pair specific to a Virgil Application. The private key is held by your backend and used to sign unique JWTs for each user, and the public key is stored in the Virgil Cloud to verify the signature of the JWTs to allow those users to perform operations on Virgil Cloud.
APP_KEY_IDID of your generated APP_KEY. Find it next to your generated App Key in the dashboard.

Configure and run sample backend

To get started with a simple app you'll need a backend. We'll use the backend to authenticate users Alice and Bob. You're welcome to use any kind of backend server technology you want for your own application, but we've got a pretty simple little set of code for you to use to get started.

Clone one of our sample backend repositories and follow the instruction in the README to configure and run it on your machine, using the credentials you obtained in the previous step:

Node.js | Golang | PHP | Java | Python

Configure and run sample client

Before you get started building your own client, you might want to check out one of our available samples to get an idea of a basic flow for your app.

iOS | Android | Web

How it works

When you run one of the sample backends, it exposes two HTTP endpoints: /authenticate and /virgil-jwt. The first endpoint represents your authentication strategy. In this sample's case, it's a really weak authentication strategy that just requires an identity parameter. Your real authentication should be stronger, using a validated strategy such as strong passwords and/or SMS codes. The second endpoint generates Virgil JWTs for authenticated users, which allows them to communicate with Virgil's services to store and search for public keys, among other features.

After those endpoints are exposed, you can run one of the sample clients. The sample client will simulate, in code only, an end-to-end encrypted communication between Alice and Bob. To do this, first, it will reach the /authenticate endpoint to authenticate Alice, and then Bob. After Alice and Bob are authenticated, it will reach the /virgil-jwt endpoint to initialize E3Kit for each of them. After E3Kit is initialized, the sample will go through a basic flow between Alice and Bob using E3Kit's available methods, which you'll learn about in the next guides.

Next steps

Now that you've seen the end-to-end encryption flow working with sample code, we'll explore in the next guides how you can build end-to-end encryption into your existing applications.