Certicheck

API Documentation

API Documentation for Developers on TrackGenesis

Getting Started

Before you can start using the Certicheck API service, you need to do the following:

  1. Create a .env file in the root of the project. You can find a sample .env.example file in the root of the project. Update the values in the .env file to match your environment.

  2. Install all the dependencies by running the following command:

     ```bash
     npm install
     ```

  3. Start the server by running the following command:

     ```bash
     npm run dev
     ```

Features

This API server consists of the following features:

  • Implement role-based and scope-based access control to ensure secure access to resources
  • Track and manage user activities
  • Generate and manage API keys for authentication and authorization purposes
  • Send and manage notifications to users
  • Create and manage organizations for grouping users
  • Manage user subscriptions for different pricing plans
  • Register and manage user accounts

1. Access Control

Our API server implements role-based and scope-based access control to ensure secure access to resources. This means that each user or API key has a set of roles and scopes associated with it, which determine what actions they are allowed to perform.

Roles are high-level groups of permissions that represent different levels of access. For example, you might have a USER role and an ADMIN role. The USER role might have permissions to read data, while the ADMIN role might have permissions to read, write, and delete data.

Scopes are more specific permissions that represent individual actions that a user or API key can perform. For example, you might have a read scope and a create scope. The read scope would allow a user to see user data, while the create scope would allow them to create new user accounts.

By combining roles and scopes, we can ensure that users or API keys have the right level of access to the resources they need. If a user or API key tries to perform an action that they are not authorized for, they will receive a Forbidden error.

This approach helps to ensure that we have secure and auditable access control in our API server.

Keep in mind that the specific roles and scopes available will depend on the needs of your application. You can define new scopes in the src/config/scopes.js file, and manage or add new roles using the role-related API routes in the /access-control section of the API documentation.
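The role and scope combination described in this section, as an added example that is not Certicheck's own code: `ROLE_SCOPES`, `isAllowed`, `requireScope`, `ForbiddenError` and `req.principal` are hypothetical names. It assumes a role acts as a ceiling, so an action is allowed only when a role permits the scope and the user or API key has also been granted it; anything else yields a Forbidden (403) error.

```javascript
// Added example with hypothetical names; not taken from the Certicheck code base.
// Assumption: a role is a ceiling of scopes, and a principal (user or API key)
// must both hold the scope itself and have a role that permits it.
const ROLE_SCOPES = {
  USER: new Set(['read']),
  ADMIN: new Set(['read', 'create']),
};

class ForbiddenError extends Error {
  constructor(message) {
    super(message);
    this.name = 'ForbiddenError';
    this.status = 403; // surfaced to the client as "Forbidden"
  }
}

// True only when a known role allows the scope AND the principal was granted it.
// Missing or malformed principals and unknown role names are denied by default.
function isAllowed(principal, scope) {
  const roles = Array.isArray(principal?.roles) ? principal.roles : [];
  const scopes = Array.isArray(principal?.scopes) ? principal.scopes : [];
  // Object.hasOwn stops role names such as "constructor" or "__proto__"
  // from resolving to inherited properties of the lookup table.
  const roleAllows = roles.some(
    (role) => Object.hasOwn(ROLE_SCOPES, role) && ROLE_SCOPES[role].has(scope)
  );
  return roleAllows && scopes.includes(scope);
}

// Express-style middleware factory. req.principal is assumed to have been set
// by an earlier authentication step (session or API key lookup).
function requireScope(scope) {
  return (req, res, next) => {
    if (!isAllowed(req.principal, scope)) {
      return next(new ForbiddenError(`missing scope: ${scope}`));
    }
    return next();
  };
}
```
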

Refer to Access Control

API Documentation created with ❤️ by TrackGenesis