Link Search Menu Expand Document
tsrct documentation

tsrct command line interface

The tsrct cli is a command line utility for enterprise (org) admin users to manage their interaction with the tsrct api.

End users (usr) interact with tsrct exclusively through the mobile app, even users who are attached to an enterprise.

This section is for org admins who are carrying out various tasks such as onboarding a domain or issuing DDX records.

Installation

Usage

Top level commands

The following are the top level commands. You can always type tsrct --help to get the latest set of commands available.

  • dl: download, verify, and extract tdocs from tsrct or other urls
  • domain: domain related operations for an organization
  • sha: lookup or publish to sha registry
  • swap: swap one body for another
  • tdoc: manage tdoc operations
  • uid: uid related commands

dl command

To download a document by its UID from the tsrct API:

tsrct dl --uid <UID>

To download a document from a specific URL:

tsrct dl --url <URL>

Options:

  • --loc <path>: Specify the location and filename (without .tdoc extension) for the downloaded .tdoc file.
  • --out <path>: Specify the output filename (without extension) for the extracted content.
  • --no-extract: Download the .tdoc file but do not extract its contents.
  • --no-verify: Download the document without verifying its signature.

domain command

Initializing a domain 

tsrct domain dns \
  --key-set-id <key set id shown in tsrct> \
  --uid <desired uid selected for this domain> \
  --key-host gcp \
  --sig-key-resource <signature key resource, fully qualified path for host, INCLUDING VERSION NUMBER> \
  --enc-key-resource <encryption key resource, fully qualified path for host, INCLUDING VERSION NUMBER>

you will receive output that contains entries to put as TXT records in your DNS provider against your domain, such as: tsrct-domain-verification[0]=Yj27...Iec0xHLPWV tsrct-domain-verification[1]=O1CPK...Yz39 tsrct-domain-verification[2]=PKYjwy...8ewUeubz39I tsrct-domain-verification[3]=CK2b1...yeUb39Iecx

enter each one of the above into your DNS TXT records and wait for them to go live. You can check for their availability from the command line by using (on Mac/Unix): dig <domain> TXT

now you can initiate the process of registering the domain:

tsrct domain init \
  --dom <your domain, such as tsrct.io> \
  --key-set-id <key set id shown in tsrct> \
  --uid <desired uid selected for this domain> \
  --key-host gcp \
  --sig-key-resource <signature key resource, fully qualified path for host, INCLUDING VERSION NUMBER> \
  --enc-key-resource <encryption key resource, fully qualified path for host, INCLUDING VERSION NUMBER>

Issuing a DDX 

tsrct domain ddx-create \
  --uid <unique id for this ddx> \
  --url <url for ddx resolution> \
  --src <source UID> \
  --dom <domain> \
  --tgt <target UID> \
  --key <key id> \
  --scm <schema UID> \
  --nbf <not before date-time> \
  --acl <ACL, such as acl_pub> \
  --lst <true|false> \
  --ref <reference UID> \
  --dsc <description> \
  --sub <subject> \
  --key-host gcp \
  --sig-key-resource <signature key resource, fully qualified path for host, INCLUDING VERSION NUMBER> \
  --ddx-file <path to ddx grant file>

Example DDX grant document

This is what a simple DDX grant document (--ddx-file) can look like:

{
  "spec": {
    "category": "card",
    "name": "CloudGarage Identification",
    "design": {
      "logo": "5210852108521085210852108.cloudgarage-dev-logo-image-001",
      "title": "CloudGarage",
      "subtitle": "Employee Identification",
      "primaryImage": "5210852108521085210852108.202412310844-sg-headshot-01",
      "primaryTitle": "Saurabh Gupta",
      "primarySubtitle": "Lead Mechanic",
      "backgroundColor": "#77b6ea",
      "foregroundColor": "#37393a"
    }
  },
  "data": {
    "startDate": "2017-06-23",
    "jobDescription": [
      "As Lead Mechanic, Saurabh has the following responsibilities:",
      "* Work with engineering to build last mile solutions for enterprise customers",
      "* Collaborate with Cloud product management to identify gaps that solutions can address",
      "* Get feedback and requirements from customers to determine barriers to cloud product adoption",
      "* Work with Sales for Go-to-Market plan for each solution",
      "* Intake and curate solution requests and prioritize based on revenue potential"
    ],
    "location": "New York City, NY"
  }
}

Revoking a DDX 

tsrct domain ddx-revoke \
  --uid <UID of the DDX to revoke> \
  --url <url for ddx resolution> \
  --src <source UID> \
  --dom <domain> \
  --key <key id> \
  --dsc <description> \
  --key-host gcp \
  --sig-key-resource <signature key resource, fully qualified path for host, INCLUDING VERSION NUMBER> \
  --revoke-reason <reason for revocation>

sha command

Publishing a checksum 

tsrct sha pub \
  --input <file whose checksum is to be calculated and registered> \
  --key <keyset id to use for signing> \
  --key-host gcp \
  --sig-key-resource <signature key resource, fully qualified path for host, INCLUDING VERSION NUMBER> \
  --src <source UID>

swap command

tdoc command

Creating a document 

tsrct tdoc doc-create \
  --typ blob \
  --input <path to file to upload> \
  --cty <content type, such as image/png> \
  --src <source UID> \
  --uid <UID for this document> \
  --dsc <description> \
  --tag <tags, comma separated> \
  --acl <ACL, such as acl_pub> \
  --lst true \
  --key <key id> \
  --key-host gcp \
  --sig-key-resource <signature key resource, fully qualified path for host, INCLUDING VERSION NUMBER>

uid command