IndyKite Developer Hub logo
Back to all configurations
Environment

Environment configuration

Create a project, an application, an application agent, an application agent credential to get an Application token.

Environment configuration

This Terraform configuration sets up a complete IndyKite environment hierarchy:

1. Project: Container for applications and configurations.

2. Application: Represents your software system.

3. Application Agent: Identity that authenticates API calls.

4. Application Agent Credential: Token used for API authentication.

The configuration also creates an Identity Knowledge Graph (IKG) with an _Application node.

Use case

Scenario: You need to integrate your application with the IndyKite platform.

Before calling any IndyKite API (Capture, Query, Authorization), your application needs valid credentials. This configuration creates the required hierarchy and outputs an Application Agent token.

The token can be used as:

- Bearer token for REST API calls.

- API Key for SDK authentication.

Note: The Config API requires ServiceAccount credentials at the organization level, not Application Agent credentials.

Requirements

- ServiceAccount credentials created in the IndyKite Hub for your organization.

- Terraform CLI installed on your machine.

Steps

1. Configure the Terraform provider with your ServiceAccount credentials.

2. Apply the Terraform configuration to create the environment hierarchy.

3. Retrieve the Application Agent credential from the Terraform output.

4. Use the credential as Bearer token or API Key in your application.

main.tf

terraform {
  required_providers {
    indykite = {
      source  = "indykite/indykite"
      version = 1.26. # or latest version
    }
  }
}

# indykite provider integrates IndyKite platform with Terraform scripting.
# Provider for now does not support any parameters and all is set within service account credential file.
provider "indykite" {}

# call the indykite_customer datasource
data "indykite_customer" "customer1" {
  name = "your-customer-name"
}

# call the indykite_application_space resource to create a new project
resource "indykite_application_space" "appspace1" {
  customer_id  = data.indykite_customer.customer.id
  name         = "project-name"
  display_name = "Prject display name"
  description  = "Description of your project"
  region       = "europe-west1" # or us-east1
  ikg_size     = "4GB"  # default 2GB
}

# call the indykite_application resource to create a new application
resource "indykite_application" "application1" {
  app_space_id = indykite_application_space.appspace.id
  name         = "application-name"
  display_name = "Application display name"
  description  = "Description of your application"
}

# call the indykite_application_agent to create a new application agent
resource "indykite_application_agent" "agent" {
  application_id = indykite_application.application.id
  name           = "application-agent-name"
  display_name   = "Application agent display name"
  description    = "Description of your application agent"
}

# call the indykite_application_agent_credential to create a new application agent credential
resource "indykite_application_agent_credential" "with_public" {
  app_agent_id = indykite_application_agent.agent.id
  display_name = "Credential display name"
  expire_time  = "2026-12-31T12:34:56-01:00" #must be less than 2 years to generate a token
}