@corbado/node-sdk

Corbado Node.js SDK

The Corbado Node SDK provides convenient access to the Corbado Backend API from applications written in Node.js.

:warning: The Corbado Node.js SDK is commonly referred to as a private client, specifically designed for usage within closed backend applications. This particular SDK should exclusively be utilized in such environments, as it is crucial to ensure that the API secret remains strictly confidential and is never shared.

:rocket: Getting started | :hammer_and_wrench: Services | :books: Advanced | :speech_balloon: Support & Feedback

:rocket: Getting started

Requirements

• Node.js 8 or higher.

Installation

Use the following command to install the Corbado Node.js SDK:

npm install @corbado/node-sdk

Usage

To create a Node.js SDK instance you need to provide your Project ID and API secret which can be found at the Developer Panel.

ES5:

const Corbado = require('@corbado/node-sdk');

const projectID = process.env.CORBADO_PROJECT_ID;
const apiSecret = process.env.CORBADO_API_SECRET;

const config = new Corbado.Config(projectID, apiSecret);
const sdk = new Corbado.SDK(config);

ES6:

import {SDK, Config} from '@corbado/node-sdk';

const projectID = process.env.CORBADO_PROJECT_ID;
const apiSecret = process.env.CORBADO_API_SECRET;

const config = new Config(projectID, apiSecret);
const sdk = new SDK(config);

Examples

A list of examples can be found in the integration tests here.

Services

The Corbado Node.js SDK provides the following services:

• authTokens for managing authentication tokens needed for own session management (examples)
• emailMagicLinks for managing email magic links (examples)
• emailOTPs for managing email OTPs (examples)
• sessions for managing sessions
• smsOTPs for managing SMS OTPs (examples)
• users for managing users (examples)
• validations for validating email addresses and phone numbers (examples)

To use a specific service, such as sessions, invoke it as shown below:

corbado.sessions().getCurrentUser(req);

:books: Advanced

Error handling

The Corbado Node.js SDK throws exceptions for all errors. The following errors are thrown:

• BaseError for failed assertions and configuration errors (client side)
• ServerError for server errors (server side)

If the Backend API returns a HTTP status code other than 200, the Corbado Node.js SDK throws a ServerError. The ServerErrorclass provides convenient methods to access all important data:

try {
    // Try to get non-existing user with ID 'usr-123456789'
    const user = sdk.users().get('usr-123456789');
} catch (error: ServerError) {
    // Show HTTP status code (404 in this case)
    console.log(error.getHttpStatusCode());

    // Show request ID (can be used in developer panel to look up the full request
    // and response, see https://app.corbado.com/app/logs/requests)
    console.log(error.getRequestID());

    // Show full request data
    console.log(error.getRequestData());

    // Show runtime of request in seconds (server side)
    console.log(error.getRuntime());

    // Show validation error messages (server side validation in case of HTTP
    // status code 400 (Bad Request))
    console.log(error.getValidationMessages());

    // Show full error data
    console.log(error.getError());
}

:speech_balloon: Support & Feedback

Report an issue

If you encounter any bugs or have suggestions, please open an issue.

Slack channel

Join our Slack channel to discuss questions or ideas with the Corbado team and other developers.

Email

You can also reach out to us via email at vincent.delitz@corbado.com.

Vulnerability reporting

Please report suspected security vulnerabilities in private to security@corbado.com. Please do NOT create publicly viewable issues for suspected security vulnerabilities.