SDKs
Ruby SDK
You can use our Ruby SDK to:
- Encrypt data server-side
- Decrypt data server-side
- Invoke Functions
- Proxy requests through Relay
Encrypting data with our backend SDKs instead of Relay may expose you to greater compliance burden because your server handles plaintext data.
Instead you can:
- Use a Relay to encrypt data before it reaches your server.
- Use our client-side SDKs to encrypt data before sending it to your server.
Quickstart
Install SDK
Our Ruby SDK is distributed via RubyGems, and can be installed via the command line or a Gemfile.
Alternatively, you can install the Evervault SDK by including it in your Gemfile.
Add this line to your application's Gemfile:
Then, run the following command in your terminal:
Initialize SDK
The SDK needs to be initialized with an App's ID and API key. If you don't have one yet, you can get one by creating an App in the Evervault Dashboard.
Encrypt a string
Now that the SDK is initialized, we can encrypt a string.
Full example
Pulling all of this together leaves us with the following working example. You can copy and paste the code below (using a sandbox API key and App ID), run it in your own environment and run the encryption and decryption for yourself.
Reference
Evervault.encrypt(data)
Encrypts data using Evervault Encryption. Evervault Strings can be used across all of our Primitives. To encrypt data using the Ruby SDK, simply pass a String, Hash or Array into the encrypt() method.
The encrypted data can be stored in your database as normal and can be used with any of Evervault’s other services.
Evervault.decrypt(data)
decrypt() decrypts the data previously encrypted with the encrypt() function or through Relay.
An API key with the decrypt permission must be used to perform this operation.
Evervault.create_client_side_decrypt_token(payload, expiry)
Client Side Decrypt Tokens are versatile and short-lived tokens that frontend applications can utilise to decrypt data previously encrypted through Evervault. Client Side Decrypt Tokens are restricted to specific payloads.
By default, a Client Side Decrypt Token will live for 5 minutes into the future. The maximum time to live of the token is 10 minutes into the future.
Parameters
The payload containing encrypted data that the token will be used to decrypt.
Evervault.run(function_name, data)
Lets you invoke an Evervault Function with a given payload.
Parameters
Response
Successful Function runs will return a hash containing a Function Run ID and the result from your Function in the following format:
Evervault.create_run_token(function_name, data)
Creates a single use, time bound token (5 minutes) for invoking an Evervault Function with a given payload.
Run Tokens can be used to invoke an Evervault Function client-side without providing a sensitive API Key.
Parameters
Response
When you create a Run Token, the SDK will return a JSON object containing your token.
Run Tokens can then be used to authenticate Function runs from the client-side.
Evervault.enable_outbound_relay(options)
Configures your application to proxy HTTP requests using Relay based on the configuration created in the Evervault dashboard.