API Reference

The documentation for api references.

Request

Detailed documentation of the How2Validate API for both JavaScript and Python.

JavaScript API

validate(provider, service, secret, response, report)

Example

import { validate } from '@how2validate/how2validate';
 
const result = await validate("NPM", "NPM Access Token", "<<SECRET>>", true/false, "useremail@domain.com");
console.log(result);

Python API

validate(provider, service, secret, response, report)

Example

from how2validate import validate
 
result = validate(
    provider="NPM",
    service="NPM Access Token",
    secret="<<SECRET>>",
    response=True/False,
    report="useremail@domain.com"
)
print(result)

Validates a secret against the specified provider and service.

  • Parameters:

    • provider (string): The name of the provider (e.g., "NPM", "GitHub").
    • service (string): The specific service or token type.
    • secret (string): The secret to validate.
    • response (boolean): If true, returns the full response.
    • report (string): Email Id to send a detailed report (Alpha Feature).

  • Returns:

    • validation_result (object): An object containing the validation status and details.

Response

Schema

{
  "status": 200,4xx,5xx,
  "app": "How2Validate",
  "data": {
    "validate": {
      "state": "Active/InActive",
      "message": "The provided secret 'npm_access_token' is currently inactive and not operational.",
      "response": {},
      "report": "email@how2validate.com"
    },
    "provider": "npm",
    "services": "npm_access_token"
  },
  "error": {
    "message": "Invalid token provided for 'npm_access_token'."
  },
  "timestamp": "2024-10-21T08:59:53.986903+00:00"
}

Fields Explanation

  • status (int): The HTTP status code of the validation result. It indicates whether the validation was successful or if there was an error.

    • 200: Success.
    • 4xx: Client-side error (e.g., invalid token, missing parameter).
    • 5xx: Server-side error (e.g., external provider API is down).

  • app (str): The name of the application performing the validation. "How2Validate"

  • data (object): Contains detailed information about the validation process if the validation was successful.

    • validate (object): Holds information about the validation process, such as the state of the secret or token and any related message or response data.

      • state (str): The state of the validation process. Possible values are:

        • Active: The secret is valid and operational.
        • InActive: The secret is invalid or expired.

      • message (str): A message providing more details about the validation process. For example: "The provided secret 'npm_access_token' is currently active and operational."

      • response (Any): The response data obtained from the validation, often returned from the provider's API. It could be a JSON object or a string representation of the response.

      • report (str): An optional email address where a report or additional details about the validation can be sent (e.g., "email@how2validate.com").

    • provider (str): The name of the provider being validated (e.g., "npm").

    • services (str): The service or token that was validated (e.g., "npm_access_token").

  • error (object): Contains error information if the validation failed.

    • message (str): A human-readable error message explaining why the validation failed.

  • timestamp (str): The timestamp when the validation occurred, in ISO 8601 format.

Response Schema

Status: 200

{
  status: 200,
  app: 'How2Validate',
  data: {
    validate: {
      state: 'Active',
      message: "The provided secret 'snyk_auth_key' is currently active and operational.",
      response: '\n' +
        '{\n' +
        '    "ok": true,\n' +
        '    "user": {\n' +
        '        "username": "vigneshkna",\n' +
        '        "name": "Vignesh Kannan",\n' +
        '        "email": "username@gmail.com",\n' +
        '        "created": "2023-05-03T16:17:52.134Z",\n' +
        '        "avatar": "https://s.gravatar.com/avatar/ac6f7273ac4ba125c2ece9?size=200&default=https%3A%2F%2Fres.clo.com%2Fsnyk%2Fimage%2Fupload%2Fv1533%2Fgravatar%2F_l.png",\n' +
        '        "id": "UserId",\n' +
        '        "orgs": []\n' +
        '    }\n' +
        '}',
      report: 'email@how2validate.com'
    },
    provider: 'snyk',
    services: 'snyk_auth_key'
  },
  timestamp: '2024-10-21T14:26:54.996Z'
}

Status: 4xx

{
  status: 4xx,
  app: 'How2Validate',
  data: {
    validate: {
      state: 'InActive',
      message: 'The provided secret 'npm_access_token' is currently inactive and not operational.',
      response: '\n' +
        `"'{\\"jsonapi\\":{\\"version\\":\\"1.0\\"},\\"errors\\":[{\\"status\\":\\"401\\",\\"details\\":\\"Unauthorized\\"}]}'"`,
      report: 'email@how2validate.com'
    },
    provider: 'npm',
    services: 'npm_access_token'
  },
  error: {
    message: '\n' +
      `"'{\\"jsonapi\\":{\\"version\\":\\"1.0\\"},\\"errors\\":[{\\"status\\":\\"401\\",\\"details\\":\\"Unauthorized\\"}]}'"`
  },
  timestamp: '2024-10-21T14:27:32.389Z'
}

Status: 5xx

{
  status: 5xx,
  app: 'How2Validate',
  data: {
    validate: {
      state: 'InActive',
      message: 'The provided secret 'npm_access_token' is currently inactive and not operational.',
      response: '\n' +
        `"'{\\"jsonapi\\":{\\"version\\":\\"1.0\\"},\\"errors\\":[{\\"status\\":\\"401\\",\\"details\\":\\"Unauthorized\\"}]}'"`,
      report: 'email@how2validate.com'
    },
    provider: 'npm',
    services: 'npm_access_token'
  },
  error: {
    message: '\n' +
      `"'{\\"jsonapi\\":{\\"version\\":\\"1.0\\"},\\"errors\\":[{\\"status\\":\\"401\\",\\"details\\":\\"Unauthorized\\"}]}'"`
  },
  timestamp: '2024-10-21T14:27:32.389Z'
}
DockerReports