Quickstart Guide

Welcome to the Tokenetes quickstart guide. This tutorial will guide you through setting up the sample application and observing Tokenetes in action.

Tokenetes is an open source implementation of the IETF OAuth Transaction Tokens (TraTs) draft specification.


Follow the instructions in the README of the example application to deploy the application.

After successful deployment, you will see a running tconfigd pod in the tokenetes-system namespace:

kubectl get pod -n tokenetes-system


NAME                        READY   STATUS    RESTARTS   AGE
tconfigd-7c94fd755b-b5tjh   1/1     Running   0          49s

You will also see Tokenetes service pods in the application namespace, which is alpha-stocks-dev:

kubectl get pod -n alpha-stocks-dev | grep tokenetes


tokenetes-7789594688-b8jjq   1/1     Running   0          67s


The example application has four APIs, and TraTs for each API can be found here.

These TraTs are applied when the application is deployed. You can list them with the following command:

kubectl get trats -n alpha-stocks-dev


NAME                      STATUS   AGE    RETRIES
stock-details-api-trat    DONE     118s   0
stock-holdings-api-trat   DONE     118s   0
stock-search-api-trat     DONE     118s   0
stock-trade-api-trat      DONE     118s   0

To check the contents of a specific TraT, use:

kubectl describe trats/stock-trade-api-trat -n alpha-stocks-dev


Name:         stock-trade-api-trat
Namespace:    alpha-stocks-dev
Labels:       <none>
Annotations:  <none>
API Version:  tokenetes.io/v1alpha1
Kind:         TraT
  Creation Timestamp:  2024-07-22T20:36:14Z
  Generation:          1
  Resource Version:    6490948
  UID:                 d7d8c768-7598-4d02-8e4f-e828dff8d0c7
  Azd Mapping:
      Required:  true
      Value:     ${body.orderType}
      Required:  true
      Value:     ${body.quantity}
    Stock Id:
      Required:  true
      Value:     ${body.stockId}
  Endpoint:      /api/order
  Method:        POST
  Purp:          stock-trade
    Name:      order
    Endpoint:  /internal/stocks
    Name:      stocks
  Generation Applied:    true
  Retries:               0
  Status:                DONE
  Verification Applied:  true
  Type    Reason                                     Age    From             Message
  ----    ------                                     ----   ----             -------
  Normal  verification application stage successful  2m39s  trat-controller  verification application stage completed successfully
  Normal  generation application stage successful    2m39s  trat-controller  generation application stage completed successfully

Observing TraTs in Action

To see TraTs in action, launch the example application frontend, which interactively shows the generated TraTs for each invoked external API.

  1. Launch the frontend client application as per the example application README.

  2. Enter http://localhost:4200/ in your browser.

  3. You will see a Dex authentication page similar to the one shown below:

What Is a TraT
  1. Authenticate with any user from here with the default password of password123. For example, you can use the username [email protected] with password password123.

  2. After authentication, as you navigate through the application, you will see the generated TraTs for the invoked external APIs. Below is a sample page:

What Is a TraT

Next Steps

To set up TraTs in your own microservices application, proceed to Installing Tokenetes.