Authenticate with Internet Identity private key

[bodily11]

Hello, not sure if this is possible, but figured I would ask anyway.

I can find my Internet Identity keys in local storage. If I take the first 32 bytes, then I get a nice ed25519 key that I can import with Identity("ed25519_key_I_took_from_local_storage"). This works and the identity is imported. When I create the agent with the client, I can call agent.get_principal(), but I can't get the agent.get_principal() to match up with the principal that I actually have in an app when I login with Internet Identity. Even if I change the client (to perhaps the domain of the website I was logging in to), the principal I get from agent.get_principal() stays the same.

Am I missing something here? Or am I trying to do something that isn't actually possible? Would love to know how to authenticate with an existing Internet Identity, and perhaps my strategy is flawed somehow.

Thank you!

[Myse1f]

imk, you can not get the private key from Internet Identity. Refer to IC document.

[bodily11]

You are correct, the private key stays in the local device. But you do get a pair of session keys generated that have received delegation to act on behavior of the main private key. See II spec here: https://github.com/dfinity/internet-identity/blob/main/docs/internet-identity-spec.adoc#identity-design-and-data-model

So I suppose I'm wondering if I can take that session key and use it to sign calls in the JS agent or Python agent. It appears to be a valid ed25519 key that I can import into the Python agent Identity correctly.

[Myse1f]

59