OpenNHP JavaScript SDK Demo

Protected Server: https://ac.opennhp.org Invisible by default, scan ports to verify Scan

✓ Knock Successful

You can now access

Redirecting in 5 seconds

Ready

▶ Runtime Flow

Initialize NHPAgent with a browser relay transport

Attach app identity and trusted nhp-server key

Build encrypted KNK packet using ECDH and AEAD

POST to nhp-relay server, which forwards the knock to nhp-server over UDP

Parse ACK/COK response and extract temporary access details

Redirect the user to the now-accessible protected resource

☰ SDK Event Logclick to fold / unfold

⚙ NHP-Agent Parametersclick to view / edit

nhp-server Public Key (Base64)

nhp-agent Private Key (Base64)

Cipher Scheme

Timeout (ms)

Relay API Path (relayUrl)

User ID

Device ID

Organization ID

Resource ID

Service ID

import { NHPAgent } from '@opennhp/agent'; // 1. Create the agent. Browsers can't send UDP, // so use the relay transport. const agent = new NHPAgent({ transport: 'relay', relayUrl: 'https://relay.example.com/relay', privateKey: agentPrivateKey, }); await agent.init(); // 2. Identify the caller and pin the nhp-server // your app trusts. agent.setIdentity({ userId: currentUser.email, deviceId: browserDeviceId, organizationId: 'opennhp.org', }); agent.addServer({ publicKey: serverPublicKey }); // 3. Knock for the resource. Redirect only // after a successful ACK. const result = await agent.knockResource({ resourceId: 'demo', serviceId: 'example', }); if (result.success) { window.location.href = `https://${Object.values(result.resourceHosts)[0]}`; }