Managing Agents

In this tutorial, you will create 3 cloud agents to play the 3 basic roles of issuer, verifier, and user. The user plays the role of the holder in the issuance flow and the prover in the verification flow.

Use the following curl commands to create 3 cloud agents: issuer1, verifier1, and user1, respectively. Creating each agent may take up to 5 minutes, so be patient.

curl -u $USERPASS -X POST -d '{"name": "issuer1", "password": "issuer1pw"}' $URL/api/v1/agents -H "Content-Type: application/json"
curl -u $USERPASS -X POST -d '{"name": "verifier1", "password": "verifier1pw"}' $URL/api/v1/agents -H "Content-Type: application/json"
curl -u $USERPASS -X POST -d '{"name": "user1", "password": "user1pw"}' $URL/api/v1/agents -H "Content-Type: application/json"

Note that we assigned an easy-to-remember username and password to each agent for ease-of-use in this tutorial. However, you should normally use a random password, or just omit the password field and a random password will be generated for you and returned in the response.

List the agents in your account as follows:

curl -u $USERPASS $URL/api/v1/agents

Or get agent details for just user1 as follows:

curl -u user1:user1pw $URL/api/v1/info

The response contains the following fields (and more):

{
  "did": "UyDsch1V7euY6r7Ba1kXCg",
  "expiration": 1544737983,
  "manage_wallet": true,
  "master_secret_id": "36c2117b-cb94-4a23-bae1-6ce60275fd58",
  "name": "user1",
  "privileges": {},
  "role": "NONE",
  "url": "https://user1:@ab69fe06168c:8443",
  "verkey": "GFAdkZ34HxSB5tL5eZvKDnSFnrSKZAGUzHTXVTVD3H1g"
}

The did field is the public DID for the identity. For more information on DIDs, please refer to the W3C Specification.

The expiration field specifies the expiration time for the password.

The manage_wallet field specifies whether or not the identity has an associated wallet. An identity may exist without a wallet in order to onboard a trust anchor which is not using Cloud Agent.

The "name" field is of course the user name.

The "privileges" field specifies various privileges the identity may have pertaining to identity management or for any other security check we might need in the future.

The "role" field is the Hyperledger Indy role which will be "NONE" for end users and "TRUST_ANCHOR" for issuers and verifiers.

The "url" field is of course the URL of the identity's agent.

The "verkey" field is the verification key associated with the public DID.

For your reference only (i.e. don't do this now), if you wanted to delete these 3 cloud agents from your account in order to restart the tutorial at any point along the way, you could do so as follows:

curl -u $USERPASS -X DELETE $URL/api/v1/agents/issuer1
curl -u $USERPASS -X DELETE $URL/api/v1/agents/verifier1
curl -u $USERPASS -X DELETE $URL/api/v1/agents/user1

But for now let's continue the tutorial by showing you how to connect agents, issue credentials, verify proofs, and more.

First, let's establish relationships between agents by connecting the agents.