Service setup
Installation guide for CREDEBL Platform Services
Last updated
Installation guide for CREDEBL Platform Services
Last updated
Before installing the CREDEBL Platform services, it is essential to ensure that your environment meets certain prerequisites. Properly setting up these requirements will help facilitate a smooth installation process and optimal performance of the platform. This includes preparing your system with the necessary software dependencies, configuring the required network settings, and ensuring adequate hardware resources. Following these guidelines will help prevent potential issues and ensure that the CREDEBL Platform services are installed and operate as intended.
Here is the list of software needed to get started:
and (>= 18)
(>= 2.34.1)
(>= 24.0.5)
(>= 2.20.3)
The above can directly be installed from their respective docs or
Here is the list of prerequisites software we will need for CREDEBL:
(>= 14)
(>= 2.6.4)
(>= 7.4)
(>= 25.0.6)
(optional)
Clone the platform repository from GitHub:
To help you quick start, a .env.demo is already present at the root of the platform repository. To getting started, rename .env.demo to .env
Please find your-ip in the .env file, and replace all occurrences it with your machine's Ip address.
In case you already have PostgreSQL preinstalled on your machine, you can simply skip the database setup and add the appropriate .env variable after creating user postgres and database credebl if not already created.
PostgreSQL is a powerful, open-source object-relational database system known for its robustness and advanced features. This guide provides instructions for installing and configuring PostgreSQL both natively and using Docker. Installing PostgreSQL
Initially we'll need to install postures on the host or on docker
Access the PostgreSQL and create user and database
The CREDEBL platform utilizes NATS for message-driven data exchange between its micro-services.
The CREDEBL platform leverages Redis as an in-memory data store, primarily for caching and queuing.
Keycloak is an open source identity and access management solution
Run Keycloak using docker:
Once logged in:
This section guides you through the initial setup and configuration of Keycloak through its administration console.
Go to administration console
Login using username: admin, password: admin.
Click on the Keycloak dropdown on the top left and add a new realm as “credebl-platform” by clicking on 'Create realm'.
Go to 'Clients' under 'Manage' in the sidebar on the left and create new client as a clientId = “adminClient”.
Click on Next Button
Set client authentication to ON mode.
Set Service Accounts Roles to ON mode.
Set Direct Access Grants to ON mode.
Click on Next Button
Save the details
Service Account Roles Settings:
This section outlines the configuration of service account roles to manage permissions and access control within Keycloak.
If not already inside, go to adminClient from the clients in the side bar.
Go to the Service account role section.
Click on the Assign role button.
Select Filter by clients from the dropdown menu.
Select the below roles from the Available Roles and click on the Assign button:
Create-client
Manage-client
Manage-users
Query-clients
Query-users
View-clients
View-users
Realm Roles Settings:
This section covers the configuration of realm role settings within Keycloak.
Under the credebl-platform realm, from the menu select realm-roles.
Under the credebl-platform realm, from the menu select realm-roles.
In realm-roles, click on Create Role and create a role with Role name=“holder”
SSO Session Settings:
Set SSO Session Idle to 2 days. This is the expiration time of the refresh token if the user is idle on the platform. We can configure this as per our need.
To navigate to SSO Session, go to Realm settings option on left sidebar under configure, now under the Sessions tab you can see SSO Session Idle.
Update the .env
Update the .env file for the Keycloak details: To set the env variable KEYCLOAK_MANAGEMENT_CLIENT_SECRET, in credebl-platform realm, go to clients >> adminClient. Now in the Credentials tab, copy the client secret
Below is an optional step to add users and can be skipped
Add the send grid key in the .env
To utilize all functionalities of CREDEBL, total of 3 S3 buckets are required for;
Storing Organization logo during creating and updating an organization
Bulk issuance of credentials
Clone the platform repository from GitHub:
To help you quick start, a .env.demo is already present at the root of the platform repository. To getting started, rename .env.demo to .env
Please find JWT_TOKEN_SECRET in the .env file and replace its value with a base64-encoded JWT token.
Build the Docker Image
Run the Docker Container
-d: Run container in detached mode
--env-file .env: Load environment variables from the .env file
-p 4000:4000: Map host port 4000 to container port 4000
-v "$PWD/app/schemas:/app/schemas": Mount the local app/schemas directory into the container
--name schema-file-server: Assign a name to the container
schema-file-server: The name of the Docker image
Update the schema file server token and URL in both the .env and agent.env files.
The Docker image built during this process is used to launch agents for new organizations on the CREDEBL platform.The Docker image name is set as an environment variable during the platform setup in a later step.
Now seed the db, before starting the services using the following:
Since, you are in the '/prisma-service', move back to the root
Start the services:
Apart from the already present variables, you need to add few variables generated from the below prerequisites like the , , , , etc at the respective steps.
You can read more about prisma connection URLs in PostgreSQL here:
For default setup, you can skip NATS and REDIS configurations and
Currently the already contains NATS keys and the local setup skips authorization for NATS messaging between services. Refer to know more about NATS authorization
To create your Nkeys, you can refer NATS tool nk as per their
You can skip REDIS setup if you are installing Platform services using docker.
This command installs and starts Keycloak at the specified endpoints, locally accessible at .
Add * (Eg.: *) in Valid Redirect URIs as front-end url.
Add (Eg.: ) in Root URL.
Add (Eg.: ) in Web Origins.
Add username: and email: .
Create a , generate an API key, and grant necessary permissions for sending emails.
Make a note of the API-key as well as the email used, as this will be used in our .env and during
Storing connection URL generated from and creating shortened URL
According to the AWS_S3_STOREOBJECT_BUCKET name, as per the , add domain to access objects from the bucket and save it, as it is utilized for the another .env variable
The default image for agent is ghcr.io/credebl/credo-controller:latest refering to latest release of the credo-controller. Refer here:
Note: Currently to have agent setup(image built), we need node version to be - 18.19.0
However, we are actively seeking contributions to update it to the Latest Stable Version, you can check the open issue
Make sure the .env file is set with all the required environment variables as per the sample file and the give above.
Before you start the services make sure to update the credebl-master-table.json present at location, libs/prisma-service/prisma/data details as well as your ip-address
At the root of the :
Access the Platform API by navigating to
