Pythia Service

Virgil Pythia Service can be used as a means to generate strong restorable cryptographic keys based on user passwords. These keys are called 'Brainkeys'.

Virgil Pythia Service can be accessed by using the Virgil Pythia SDK or Virgil Pythia API.

Authorization header

Virgil Pythia Service address:

https://api.virgilsecurity.com/pythia/v1/brainkey

All API calls require authentication with Virgil JWT. So all requests go through Virgil API Gateway which bypasses the request with preset HTTP headers: X-Application-Id, X-Virgil-Identity.

Endpoints

The Virgil Pythia REST API supports the following operations:

Operations	Description
Generate Brainkey	Performs `blindedPassword` transformation by calling `Transform()` operation.

Generate and post brainkey

Performs blindedPassword transformation by calling Transform() operation.

Request info

HTTP Request method    POST
Request URL            https://api.virgilsecurity.com/pythia/v1/brainkey HTTP/1.1
Headers                X-Virgil-Identity: {UserIDString}
                       X-Application-Id: {ApplicationID}

Click here to see the description of header parameters

The endpoint contains the following header parameters:

Parameter	Description
X-Virgil-Identity	User `identity` that was used for a JWT generation
X-Application-Id	ID of your Virgil Application

Request

{
  "blinded_password": "BASE64_STRING",
  "brainkey_id": "STRING"
}

Click here to see the description of request parameters

The endpoint contains the following request parameters:

Parameter	Type	Constraints	Description
blinded_password	Base64	-	Blinded user password
brainkey_id	string	-	Brainkey ID value

Response info

HTTP/1.1 200 OK
Content-Type: application/json

Response

{
    "seed": "BASE64_STRING"
}

Service SDK

Virgil Security provides SDKs which allow you to communicate with the Virgil Pythia Service to work with Brainkeys: