Approving A Whitelisted Address
Basic Description
This endpoint is used to approve a whitelisted address Request in Taurus-PROTECT.
This endpoint would accept a POST Request with a JSON payload, including the generated ECDSA Signature of the array of all the hashes within the metadata of each whitelisted address Request that needs to be signed.
Prerequisites
Required Roles
Certain API endpoints require that the user has a specific role in order to access them. Roles are used to restrict access to certain functionality within the system and ensure that only authorized users are able to perform specific actions.
Here is the list of required Roles for this particular endpoint:
- WhitelistedAddressApprover
- TPUser
To find out more about roles, please refer to the following page in the Taurus User Guides.
Required Input Parameters
Certain API endpoints require specific input parameters. Here is the list of Required Input Parameters for this particular endpoint:
- signature: the computed ECDSA signature for one or more whitelisted address IDs, encoded in Base64.
- whitelistedAddressIds: one or more whitelisted address IDs to be approved.
Preconditions
It is important to note the correct ECDSA Signature needs to have been properly generated and the relevant Whitelisted Address Request(s) need to pre-exist on the system for the approval process to go through successfully.
ECDSA Signature
An ECDSA signature allows a user to publish a public key and then create a signature of some data with their private key, such that anyone can verify that the signature was created by the owner of this public key. To find out more about the computation and encoding of the appropriate ECDSA signature, please refer to the following page.
Signature Example
You can find a basic example in Bash on how to generate an ECDSA Signature.
export METADATAHASH='2d449c5e55515e76d862b8de2be2b62c6505ac968011efc36641594301a9c0ac'
output=$(echo -n '["$METADATAHASH"]' | openssl dgst -sha256 -sign [email protected] | openssl asn1parse -inform DER )
# output = 0:d=0 hl=2 l= 70 cons: SEQUENCE
# 2:d=1 hl=2 l= 33 prim: INTEGER :9F51A2A2049DBF22F281478337F6D6EA4D7987C40A2F256DF0965164D0D640FB
# 37:d=1 hl=2 l= 33 prim: INTEGER :FA037EA62EE530F558A79025AF006C46E087AFAB30F9CE61D43AF3C3C0505A67
num1=$(echo "$output" | cut -d: -f3 | cut -c0-64 ) # 9F51A2A2049DBF22F281478337F6D6EA4D7987C40A2F256DF0965164D0D640FB
num2=$(echo "$output" | cut -d: -f4 | cut -c1-65) # FA037EA62EE530F558A79025AF006C46E087AFAB30F9CE61D43AF3C3C0505A6
# concatenate the 2 outputs above
newoutput="$num1$num2" #9F51A2A2049DBF22F281478337F6D6EA4D7987C40A2F256DF0965164D0D640FBFA037EA62EE530F558A79025AF006C46E087AFAB30F9CE61D43AF3C3C0505A67
echo -n "$newoutput" | xxd -p -r | base64 | tr -d '\n'
# ECDSA Signature: OV2zss3D4lHXwoey4wQN4W4abKqIGEkEqO4RuaFxKuCoIEiygErAvRjfrX9Ud2ExIEV1cvJ0cIfYihLu+6OyMw==
Signature Result
A successful final output of the above script might look like this:
Sn1GiogSdvyLygUeDN/bW6k15h8QKLyVt8JZRZNDWQPv6A36mLuUw9VinkCWvAGxG4IevqzD5zmHUOvPDwFBaZw==
This result is what you eventually need to add within the JSON Body of the below Request.
Call Example
You can find a basic example in cURL below.
Please note that you will need to update the BASEURL and the APITOKEN for the command to function.
In this example, we use the computed ECDSA signature, encoded in Base64, to sign the Request with ID 443.
export BASEURL=https://taurus-protect-instance.com
export APIToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiZXh0ZXJuYWxVc2VySUQiOiJ0ZWFtMUV4dGVybmFsVXNlcklEIiwidGVuYW50SUQiOjEsImNhcGl0YWxUZW5hbnRJRCI6MSwiZmlyc3RuYW1lIjoiSm9obiIsImxhc3RuYW1lIjoiRG9lIiwicm9sZXMiOlsidHB1c2VyIl0sImVtYWlsIjoidGVhbTFAYmFuay5jb20iLCJ1c2VybmFtZSI6InRlYW0xIiwiand0X3JlbmV3YWJsZV9hbW91bnQiOjAsImlzX3RvdHBfZW5hYmxlZCI6ZmFsc2UsImF1dGhfc3RhdHVzIjoiU1VDQ0VTUyIsImxhc3RfbG9naW4iOiIyMDIzLTAxLTAxVDAwOjAwOjAwLjE0OTc0NDIzMloiLCJsb2dnZWRfaW5fd2l0aF9zc28iOmZhbHNlLCJrZXkiOiIiLCJleHAiOjE2ODEyMTkyNzYsImlhdCI6MTY4MTIxNzQ3Nn0.K_85arIrigpkN1yHttCydpeT6oVg2c6PyQnuji907Og
curl --location 'https://tg-validatord-cockroach-7f1a32d5572d5e3a.int.t-dx.com/api/rest/v1/whitelists/addresses/approve' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTEsImV4dGVybmFsVXNlcklEIjoidGVhbTFAYmFuay5jb20iLCJ0ZW5hbnRJRCI6MSwiY2FwaXRhbFRlbmFudElEIjoxLCJmaXJzdG5hbWUiOiJKb2huIiwibGFzdG5hbWUiOiJUMSIsInJvbGVzIjpbInJlcXVlc3RjcmVhdG9yIiwiYWNjb3VudGNyZWF0b3IiLCJyZXF1ZXN0Y2FuY2VsZXIiLCJvcGVyYXRvciIsInRwdXNlciIsImZpbGV1cGxvYWRlciIsIndoaXRlbGlzdGVkYWRkcmVzc2FwcHJvdmVyIiwid2hpdGVsaXN0ZWRhZGRyZXNzY3JlYXRvciIsInJlcXVlc3RhcHByb3ZlciIsImF1ZGl0dmlld2VyIiwicHJpY2V1cGRhdGVyIiwid2hpdGVsaXN0ZWRhZGRyZXNzbW9iaWxlYXBwc2lnbmVyIiwiZmlsZWRvd25sb2FkZXIiLCJzaWduZXR1c2VyIiwicmVxdWVzdG1vYmlsZWFwcHNpZ25lciJdLCJlbWFpbCI6InRlYW0xQGJhbmsuY29tIiwidXNlcm5hbWUiOiJ0ZWFtMUBiYW5rLmNvbSIsImp3dF9yZW5ld2FibGVfYW1vdW50IjowLCJpc190b3RwX2VuYWJsZWQiOmZhbHNlLCJhdXRoX3N0YXR1cyI6IlNVQ0NFU1MiLCJsYXN0X2xvZ2luIjoiMjAyNC0wMy0xNVQxNDozMDo0Mi4wNTI1NTI5NTNaIiwibG9nZ2VkX2luX3dpdGhfc3NvIjpmYWxzZSwia2V5IjoiIiwiZXhwIjoxNzEwNTE0ODQyLCJpYXQiOjE3MTA1MTMwNDJ9.DuzObKWpSCjG_QbNWrn0Cdu1p7M-zQemdg_J2JYMLCA' \
--data '{
"signature": "OV2zss3D4lHXwoey4wQN4W4abKqIGEkEqO4RuaFxKuCoIEiygErAvRjfrX9Ud2ExIEV1cvJ0cIfYihLu+6OyMw==",
"comment": "ok compliance auto approved",
"whitelistedAddressIds": [
"23419"
]
}'
This piece of code sends a POST request to https://your-protect-instance.example.comapi/rest/v1/whiteslists/addresses/approve with the JSON string in the request body including the relevant ECDSA signature, encoded in Base64, and the list of whitelistedAddressIds.
Call Result
A successful response for the POST call to approve a address whitelisting request might look like this:
{
"signatures": "1"
}
Taurus-PROTECT responds with a JSON object containing the number of approved whitelisted address request details.
Updated 22 days ago