JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 391
  • Score
    100M100P100Q96173F
  • License MIT

TypeScript/JavaScript client SDK for Entity Auth - registry-driven authentication with generic entities, relations, and real-time security

Package Exports

  • @entityauth/auth-client
  • @entityauth/auth-client/auth
  • @entityauth/auth-client/client
  • @entityauth/auth-client/config
  • @entityauth/auth-client/convex
  • @entityauth/auth-client/entities
  • @entityauth/auth-client/graphql
  • @entityauth/auth-client/http
  • @entityauth/auth-client/relations

Readme

@entityauth/auth-client

Entity Auth client SDK for web/Node.

Install

pnpm add @entityauth/auth-client

Quick start

import { EntityAuthClient, init as initEA, SDK } from '@entityauth/auth-client';

initEA({
  workspaceTenantId: process.env.NEXT_PUBLIC_ENTITY_AUTH_WORKSPACE_TENANT_ID!,
  baseURL: process.env.NEXT_PUBLIC_ENTITY_AUTH_URL,
});

const ea = new EntityAuthClient();
await SDK.register({ email: 'a@b.com', password: 'secret' });
await SDK.login({ email: 'a@b.com', password: 'secret' });
const me = await ea.me();

// Generic entities
const created = await SDK.createEntity({
  workspaceTenantId: 'workspace-123',
  kind: 'workspace',
  properties: { name: 'My Workspace' },
});
const fetched = await SDK.getEntity({ id: created.id });
const updated = await SDK.updateEntity({ id: created.id, patch: { description: 'Hello' } });
await SDK.deleteEntity({ id: created.id });

// Universal listing & upsert
const list = await SDK.listEntities({
  workspaceTenantId: 'workspace-123',
  kind: 'user',
  filter: { status: 'active', email: 'a@b.com' },
  limit: 50,
});
const up = await SDK.upsertEntity({
  workspaceTenantId: 'workspace-123',
  kind: 'user',
  properties: { email: 'a@b.com' },
});

// Enforced-auth variants
await SDK.createEntityEnforced({ workspaceTenantId: 'workspace-123', kind: 'org', properties: { name: 'Acme' }, actorId: 'user_1' });
await SDK.updateEntityEnforced({ id: created.id, patch: { properties: { name: 'Renamed' } }, actorId: 'user_1' });
await SDK.deleteEntityEnforced({ id: created.id, actorId: 'user_1' });

// Generic relations
await SDK.linkRelation({
  workspaceTenantId: 'workspace-123',
  srcId: 'entityA',
  relation: 'member_of',
  dstId: 'entityB',
});
const rel = await SDK.getRelation({ srcId: 'entityA', relation: 'member_of', dstId: 'entityB' });
await SDK.unlinkRelation({ workspaceTenantId: 'workspace-123', srcId: 'entityA', relation: 'member_of', dstId: 'entityB' });

Cross-origin note (web)

The SDK sends fetch requests with credentials: 'include' so cookies can be used across origins. For cross-origin deployments, ensure your API sets the refresh cookie with SameSite=None; Secure and that CORS allows credentials.

API surface

  • Auth: register, login, refresh, logout, me, getOpenAPI
  • Generic entities: createEntity, updateEntity, deleteEntity, getEntity, listEntities, upsertEntity, createEntityEnforced, updateEntityEnforced, deleteEntityEnforced
  • Generic relations: linkRelation, unlinkRelation, getRelation, queryRelations
  • Passkeys (WebAuthn): SDK.passkeys.register({ workspaceTenantId, userId }), SDK.passkeys.signIn({ workspaceTenantId, userId? })

Note: legacy users/orgs/sessions modules were removed. Use generic entities/relations exclusively.

Sessions

Use login, refresh, and logout. The JS SDK does not expose session list/revoke APIs.

Passkeys notes (web)

  • RP ID is derived from the request host as eTLD+1 and origins are enforced server-side per workspace. The SDK orchestrators call:
    • POST /api/auth/webauthn/begin/registrationnavigator.credentials.create
    • POST /api/auth/webauthn/finish/registration
    • POST /api/auth/webauthn/begin/authenticationnavigator.credentials.get
    • POST /api/auth/webauthn/finish/authentication