Ares: Azle REST APIs with Internet Identity

Developers
,
1

Hi everyone! We just released the new Ares beta version, but what is it about?

As you know, a few weeks ago, @lastmjs announced that you can build REST APIs with Azle; that’s quite a big announcement! (personally, I’d love it).

However, signing the requests using Internet Identity and those APIs is not possible.

Ares is an Axios-like library that enables REST API requests but integrates Internet Identity (or any similar identity).

To use it you only need two things:

A REST API in Azle (or any other REST API that complies with the .did that Azle generates).
Install the @bundly/ares library inside your frontend project. npm install @bundly/ares

How it works?

const response = await ares<TestResponse>({
  URL: "http://your_canister_id.localhost:4943/test",
  method: "POST",
  data: {
    hello: "world",
  },
  headers: {
    "Content-Type": "application/json",
  },
 // Here you can provide your identity
 identity
});

We are working on improving the documentation, but it should work much like Axios. We try to be familiar with existing REST API client libraries.

We would like to receive your feedback and any issue reports. Remember this still in Beta, but we will keep working to improve it.

5 Likes
2

How does it sign the request and how does the IC validate it?

3

It uses the agent under-the-hood to make requests to http_request or http_request_update, so it’s the same as all other JS clients in that respect, it would seem

1 Like
4

Ok…nice…so it isn’t hitting the boundary node as an HTTP request but as an IC function call. Nice abstraction!

2 Likes
5

Yeah, that’s right. It looks like a standard HTTP Request, but behind the scenes is a request to Candid methods.

2 Likes
6

I’m also working on abstractions over fetch and possibly XMLHttpRequest (they’ll just be replaced globally) that will do this and will detect and use the identity passed in as the Authorization header.

The end goal if feasible (seems very difficult) is to create a JWT and pass it in the Authorization header, and to have the boundary node use that information to allow the replicas to validate the API calls.

1 Like