SDKs overview
Hashable offers Software Development Kits (SDKs) and libraries designed to streamline the integration of its API security platform into various development environments. These tools enable developers to programmatically interact with Hashable's core services, including API discovery, real-time threat detection, and automated policy enforcement. The primary goal of these SDKs is to reduce the effort required to onboard and manage API security within existing application stacks, supporting continuous monitoring and protection against evolving API threats. Hashable's platform is designed to provide comprehensive API security, as detailed in their official Hashable documentation, by analyzing API traffic for anomalies and malicious patterns.
The available SDKs typically focus on facilitating API call interception, metadata enrichment, and secure communication with the Hashable cloud service. This allows for automated analysis of API interactions without requiring significant modifications to application code. Developers can use these SDKs to implement custom security policies, integrate with existing CI/CD pipelines, and receive alerts on detected threats. The approach taken by Hashable mirrors industry best practices for API security, which emphasize embedding security controls directly into the API lifecycle, as discussed in resources like the Cloudflare API Security overview.
Official SDKs by language
Hashable provides official SDKs to support common programming languages and frameworks, ensuring broad compatibility for developers. These SDKs are maintained by Hashable and are the recommended method for integrating with the platform. They offer stable APIs, comprehensive documentation, and direct support. The primary function of these SDKs is to act as agents or client libraries that send API traffic metadata to the Hashable platform for analysis, or to configure the platform's behavior programmatically.
| Language | Package Name | Install Command | Maturity |
|---|---|---|---|
| Python | hashable-sdk-py |
pip install hashable-sdk-py |
Stable |
| Node.js | @hashable/node-sdk |
npm install @hashable/node-sdk |
Stable |
| Go | github.com/hashable/hashable-go-sdk |
go get github.com/hashable/hashable-go-sdk |
Stable |
| Java | com.hashable:java-sdk |
Add to pom.xml or build.gradle |
Stable |
| Ruby | hashable-ruby-sdk |
gem install hashable-ruby-sdk |
Beta |
Python SDK
The Python SDK for Hashable allows Python applications to integrate with the API security platform. It supports sending API request/response data for analysis, managing API policies, and retrieving security insights. This SDK is particularly useful for web applications built with frameworks like Django or Flask, or for scripting automated security tasks. Learn more about the Hashable Python SDK documentation.
Node.js SDK
The Node.js SDK provides functionalities for JavaScript-based applications, especially those running on Node.js environments. It enables real-time data streaming to Hashable, allowing for immediate threat detection and response for APIs served by Node.js applications. This SDK is suitable for microservices and serverless functions where quick integration and low overhead are critical. Refer to the Hashable Node.js SDK guide for detailed usage.
Go SDK
For applications developed in Go, the Hashable Go SDK offers a performant way to integrate API security. It's designed for efficiency and minimal resource consumption, making it ideal for high-throughput API gateways and backend services. The Go SDK helps in capturing and forwarding API telemetry to the Hashable platform for analysis and policy enforcement. The Hashable Go SDK reference provides installation and usage examples.
Java SDK
The Java SDK supports Java-based applications, including those built with Spring Boot, ensuring that enterprise-grade APIs are protected. It facilitates the integration of Hashable's security features into existing Java ecosystems, allowing for comprehensive monitoring and threat mitigation. This SDK handles data serialization and secure communication with the Hashable cloud. Detailed instructions are available in the Hashable Java SDK documentation.
Installation
Installation of Hashable SDKs typically involves using standard package managers for each respective language. After installation, configuration usually involves providing an API key or other credentials to authenticate with the Hashable platform. Developers should refer to the specific SDK documentation for detailed setup instructions and prerequisites. The following examples illustrate common installation methods.
Python installation
To install the Python SDK, use pip:
pip install hashable-sdk-pyAfter installation, you can initialize the client with your Hashable API key:
from hashable_sdk import HashableClient
client = HashableClient(api_key="YOUR_HASHABLE_API_KEY")
response = client.monitor_api_call(endpoint="/api/v1/users", method="GET", request_headers={{'Authorization': 'Bearer ...'}}, response_status=200)
print(response)Node.js installation
For Node.js projects, install via npm:
npm install @hashable/node-sdkExample usage in a Node.js application:
const Hashable = require('@hashable/node-sdk');
const hashableClient = new Hashable.Client({
apiKey: 'YOUR_HASHABLE_API_KEY'
});
async function recordApiEvent() {
const result = await hashableClient.recordEvent({
apiName: 'UserAPI',
endpoint: '/users/{id}',
method: 'GET',
statusCode: 200,
requestBodySize: 100,
responseBodySize: 500
});
console.log('Event recorded:', result);
}
recordApiEvent();Go installation
Install the Go SDK using go get:
go get github.com/hashable/hashable-go-sdkExample Go integration:
package main
import (
"context"
"fmt"
"log"
hashable "github.com/hashable/hashable-go-sdk"
)
func main() {
client, err := hashable.NewClient("YOUR_HASHABLE_API_KEY")
if err != nil {
log.Fatalf("Failed to create Hashable client: %v", err)
}
ctx := context.Background()
event := &hashable.APIEvent{
ApiName: "ProductService",
Endpoint: "/products",
Method: "POST",
StatusCode: 201,
LatencyMillis: 50,
}
err = client.RecordAPIEvent(ctx, event)
if err != nil {
log.Fatalf("Failed to record API event: %v", err)
}
fmt.Println("API event recorded successfully.")
}Quickstart example
This quickstart demonstrates a basic integration of the Hashable Node.js SDK to monitor API calls within an Express.js application. The example shows how to initialize the SDK and use middleware to capture request and response data for Hashable's analysis. This setup enables real-time API traffic monitoring and threat detection without extensive code modifications.
const express = require('express');
const Hashable = require('@hashable/node-sdk');
const app = express();
const port = 3000;
// Initialize Hashable SDK with your API key
const hashableClient = new Hashable.Client({
apiKey: 'YOUR_HASHABLE_API_KEY',
// Optional: configure environment or other settings
env: 'development'
});
// Middleware to log all API requests to Hashable
app.use(express.json()); // To parse JSON request bodies
app.use((req, res, next) => {
const start = process.hrtime.bigint();
res.on('finish', async () => {
const end = process.hrtime.bigint();
const latencyMillis = Number(end - start) / 1_000_000; // Convert nanoseconds to milliseconds
try {
await hashableClient.recordEvent({
apiName: 'MyWebAppAPI',
endpoint: req.path,
method: req.method,
statusCode: res.statusCode,
requestHeaders: req.headers,
responseHeaders: res.getHeaders(),
requestBody: req.body ? JSON.stringify(req.body) : null, // Capture request body
latencyMillis: latencyMillis,
// Add other relevant data like user ID, IP address, etc.
});
console.log(`Hashable recorded API event for ${req.method} ${req.path}`);
} catch (error) {
console.error('Error sending event to Hashable:', error);
}
});
next();
});
// Example API endpoint
app.get('/api/data', (req, res) => {
res.json({ message: 'This is some data.' });
});
app.post('/api/submit', (req, res) => {
console.log('Received submission:', req.body);
res.status(201).json({ status: 'success', data: req.body });
});
app.listen(port, () => {
console.log(`Express app listening at http://localhost:${port}`);
});To run this quickstart:
- Save the code as
app.js. - Install dependencies:
npm install express @hashable/node-sdk. - Set
YOUR_HASHABLE_API_KEYwith your actual key from the Hashable dashboard. - Run the application:
node app.js. - Make requests to
http://localhost:3000/api/dataorhttp://localhost:3000/api/submitto see events recorded by Hashable.
Community libraries
While Hashable maintains a set of official SDKs, the developer community may also contribute to the ecosystem by developing additional libraries, integrations, or plugins. These community-driven tools can extend Hashable's capabilities to less common languages, frameworks, or specific use cases not covered by official offerings. Community libraries are typically found on platforms like GitHub or package repositories specific to programming languages.
As of late 2024, Hashable is a relatively new platform, founded in 2023. Therefore, the ecosystem of community-contributed libraries is still developing. Developers are encouraged to check public repositories and forums for community-driven projects. Hashable often supports and highlights valuable community contributions on its community page or developer blog. When using community libraries, it is advisable to review their maintenance status, documentation, and security practices, as they may not carry the same support guarantees as official SDKs.
For example, a community library might provide a specific integration with an API Gateway like Kong, offering a plugin for Kong Gateway to forward traffic data to Hashable, or a client for a niche language. Such contributions, while not officially supported, can broaden the accessibility and utility of the Hashable platform. Developers interested in contributing can refer to Hashable's contribution guidelines.