# First steps

Before starting, you need a developer account (opens new window).

If you don't have one, you can create a trial account (opens new window).

# Prerequisites

From your developer account, get the following 3 elements:

  • appId : Unique UUID for your application;
  • validationKeyId : unique UUID of the validation key;
  • validationKey : secret validation key corresponding to the validationKeyId used to generate offline license tokens.
Dashboard mode SDK
Administration dashboard


The validationKey is a secret key, it should be managed securely. The appId and the validationKeyId can be public.

# Installation

Depending on the target environment, a different version of the Seald-SDK must be installed:

# Web application

If the application in which you want to integrate the Seald-SDK is a web application:

npm i -S @seald-io/sdk-web

# React-Native application

For the react-native SDK, in addition to the Seald-SDK itself, you will need to install react-native-modpow (opens new window), react-native-async-storage (opens new window) , react-native-scrypt (opens new window) and react-native-rsa-native (opens new window):

npm i -S @seald-io/sdk-react-native
npm i -S react-native-modpow @react-native-community/async-storage react-native-scrypt react-native-rsa-native

Moreover, if react-native <0.59 is used, it will be necessary to execute an npm link for each of these libraries.

# Node.js application

For a Node.js application, you need to install node-fetch (opens new window) in addition to the SDK itself:

npm i -S @seald-io/sdk
npm i -S node-fetch

# Generation of the userLicenseToken

The userLicenseToken are generated from the retrieved validation key above and a unique identifier for the user (for example the for example the userId used by your application).

Since this key is a secret not to be disclosed to the client side, it should be stored on the application server side and used to derive a userLicenseToken per user on the server side on demand, with a specific API point to be developed in the application server. A dedicated guide is available for this.

For a quick test, this generation can be done on the client side, the SDK provides a helper allowing to generate :

# Storing User identities

To store the user's identity on the local device, you can use a persistent local database.

Additionally, to protect user identities on a server, two modes are available:

These modes are available as separately installable plugins for the Seald SDK:

# For password protection @seald-io/sdk-plugin-ssks-password :
npm i -S @seald-io/sdk-plugin-ssks-password

# For a 2-man rule protection @seald-io/sdk-plugin-ssks-2mr :
npm i -S @seald-io/sdk-plugin-ssks-2mr

For more details, see here.


If no identity protection plugin and no persistant database is used, the user's identity will not be stored anywhere, and the data encrypted with it would be unrecoverable as soon as the browser tab or application is closed.

# Start encrypting

Once all these elements are taken care of, all that's left to do is to start encrypting 😊.

# Import

First, you need to import the SDK, and the desired plugins:

For specific cases (especially in non-standard build processes), see details of import modes.

# Instanciation

This step allows to instantiate the SDK.

If you use plugins, you must pass them to the instantiation:

# Initialization & recovery of a Seald identity

In this example, the password protection mode is used, and the identity encrypted by a derivation of this password is sent to the SaaS instance of SSKS.

# Encrypt and decrypt

Two possibilities are provided to encrypt and decrypt: