KOR Protocol Developer Docs
  • KOR Protocol: Introduction
    • Overview
    • Partners
  • Overview of KOR SDK
    • Notable Features
    • Merits of using KOR SDK
    • Use Cases
  • SDK Reference
    • Introduction
    • SDK Installation
    • SDK Initialization
    • Client Methods
      • Asset
      • NFT
      • On-Chain IP
      • On-Chain License
      • Royalty Distribution
      • Conflict Management
    • Tutorials
      • Pre-requisites
      • Mint and Register in Own Collection
      • Mint in KOR Collection and Register
      • Register Existing Minted Token as IP
      • Launch 100-Song Album via IPFS
      • Launch 5-Song Album via AWS S3
      • Register Asset as Derivative
      • Update License Terms of Existing IP
      • Raise, resolve and cancel conflicts
      • Create a copy NFT of an IP
    • Releases
    • Deployed Smart Contracts
  • Essential Business Flows
  • Architecture
    • Overview
    • Event Listener
    • Modules
      • Asset Module
      • NFT Module
      • On-Chain IP Module
      • On-Chain License Module
      • Royalty Distribution Module
      • Conflict Management Module
  • Key Definitions
  • Community
Powered by GitBook
On this page
  1. SDK Reference

Introduction

PreviousSDK ReferenceNextSDK Installation

Last updated 7 months ago

This document explains how to set up and use KOR Protocol TypeScript SDK. The SDK allows users to interact with KOR Protocol smart contract securely using an API key issued upon subscription.

To initialize the SDK, a website developer will use an API key. During the creation or modification of this API key, various security permissions can be configured. There are four distinct security rules that can be applied individually or in combination:

  1. No Lock: The API key remains unrestricted, which poses a risk of unauthorized access and misuse by other users. This setting is suitable for developers testing in a staging environment where security is less critical.

  2. Allowed Domains: This feature, known as "Allow list Domains," enables you to define specific web domains that are permitted to use your API key. This prevents unauthorized third parties from utilizing your key on their websites.

  3. Allowed IPs: The "Allow list IPs" feature allows you to specify a set of IPv4 addresses authorized to make requests using your API key, effectively blocking requests from any other IP addresses.

  4. Google reCAPTCHA: By integrating reCAPTCHA, you add an extra layer of security against malicious software, preventing bots from abusing your website's functionalities. Legitimate users can continue to perform actions like logging in, making purchases, or creating accounts, while fake users are blocked.