import { EntityAuthClient, init as initEA, SDK } from '@entityauth/auth-client';

initEA({
  workspaceTenantId: process.env.NEXT_PUBLIC_ENTITY_AUTH_WORKSPACE_TENANT_ID!,
  baseURL: process.env.NEXT_PUBLIC_ENTITY_AUTH_URL,
});

const ea = new EntityAuthClient();
await SDK.register({ email: 'a@b.com', password: 'secret' });
await SDK.login({ email: 'a@b.com', password: 'secret' });
const me = await ea.me();

// Generic entities
const created = await SDK.createEntity({
  workspaceTenantId: 'workspace-123',
  kind: 'workspace',
  properties: { name: 'My Workspace' },
});
const fetched = await SDK.getEntity({ id: created.id });
const updated = await SDK.updateEntity({ id: created.id, patch: { description: 'Hello' } });
await SDK.deleteEntity({ id: created.id });

// Universal listing & upsert
const list = await SDK.listEntities({
  workspaceTenantId: 'workspace-123',
  kind: 'user',
  filter: { status: 'active', email: 'a@b.com' },
  limit: 50,
});
const up = await SDK.upsertEntity({
  workspaceTenantId: 'workspace-123',
  kind: 'user',
  properties: { email: 'a@b.com' },
});

// Enforced-auth variants
await SDK.createEntityEnforced({ workspaceTenantId: 'workspace-123', kind: 'org', properties: { name: 'Acme' }, actorId: 'user_1' });
await SDK.updateEntityEnforced({ id: created.id, patch: { properties: { name: 'Renamed' } }, actorId: 'user_1' });
await SDK.deleteEntityEnforced({ id: created.id, actorId: 'user_1' });

// Generic relations
await SDK.linkRelation({
  workspaceTenantId: 'workspace-123',
  srcId: 'entityA',
  relation: 'member_of',
  dstId: 'entityB',
});
const rel = await SDK.getRelation({ srcId: 'entityA', relation: 'member_of', dstId: 'entityB' });
await SDK.unlinkRelation({ workspaceTenantId: 'workspace-123', srcId: 'entityA', relation: 'member_of', dstId: 'entityB' });

Cross-origin note (web)

The SDK sends fetch requests with credentials: 'include' so cookies can be used across origins. For cross-origin deployments, ensure your API sets the refresh cookie with SameSite=None; Secure and that CORS allows credentials.

API surface

Auth: register, login, refresh, logout, me, getOpenAPI
Generic entities: createEntity, updateEntity, deleteEntity, getEntity, listEntities, upsertEntity, createEntityEnforced, updateEntityEnforced, deleteEntityEnforced
Generic relations: linkRelation, unlinkRelation, getRelation, queryRelations
Passkeys (WebAuthn): SDK.passkeys.register({ workspaceTenantId, userId }), SDK.passkeys.signIn({ workspaceTenantId, userId? })

Note: legacy users/orgs/sessions modules were removed. Use generic entities/relations exclusively.

Sessions

Use login, refresh, and logout. The JS SDK does not expose session list/revoke APIs.

Passkeys notes (web)

RP ID is derived from the request host as eTLD+1 and origins are enforced server-side per workspace. The SDK orchestrators call:
- POST /api/auth/webauthn/begin/registration → navigator.credentials.create
- POST /api/auth/webauthn/finish/registration
- POST /api/auth/webauthn/begin/authentication → navigator.credentials.get
- POST /api/auth/webauthn/finish/authentication

Keywords

FAQs

What is @entityauth/auth-client?

Is @entityauth/auth-client popular?

Is @entityauth/auth-client well maintained?

Package last updated on 02 Nov 2025

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

@entityauth/auth-client