Interface: IServiceIdentity

Defined in: src/types/interfaces/zero-trust.interface.ts:141

Service identity interface.

Remarks

Provides SPIFFE-based service identity for Zero Trust.

Methods

getSVID()

getSVID(): Promise<X509SVID>

Defined in: src/types/interfaces/zero-trust.interface.ts:152

Get own SVID.

Returns

Promise<X509SVID>

Current SVID

Remarks

Returns the current service's X.509 SVID.

---

getTrustBundle()

getTrustBundle(trustDomain?): Promise<TrustBundle>

Defined in: src/types/interfaces/zero-trust.interface.ts:165

Get trust bundle.

Parameters

trustDomain?

string

Optional trust domain (defaults to own domain)

Returns

Promise<TrustBundle>

Trust bundle

Remarks

Returns CA certificates for verifying peer SVIDs.

---

verifyPeerSVID()

verifyPeerSVID(certChain): Promise<SVIDVerificationResult>

Defined in: src/types/interfaces/zero-trust.interface.ts:175

Verify peer SVID.

Parameters

certChain

readonly string[]

PEM-encoded certificate chain

Returns

Promise<SVIDVerificationResult>

Verification result

---

watchSVID()

watchSVID(callback): () => void

Defined in: src/types/interfaces/zero-trust.interface.ts:188

Watch for SVID rotation.

Parameters

callback

(svid) => void

Function to call with new SVID

Returns

Function

Unsubscribe function

Returns

void

Remarks

Callback is invoked when SVID is rotated.