Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
@frontegg/client
Advanced tools
Frontegg is a web platform where SaaS companies can set up their fully managed, scalable and brand aware - SaaS features and integrate them into their SaaS portals in up to 5 lines of code.
Use the package manager npm to install frontegg client.
npm install @frontegg/client
As we grow as a company we also provide new and improved APIs such as the new v3 Events API. This will allow your to configure more and worry less about channels. It is still not perfect, but we're getting there. With the new v3 api you'll be able to use the frontegg portal to map events to channels in order to allow your customers to configure their own channels. The new client will no longer send the channels you wish to trigger, and just use the event's payload.
Please note that email & slack may still require further data (like the email template or slack message format).
Unlike previous clients, the new client requires that you pass a separate authenticator.
Example:
const authenticator = new FronteggAuthenticator();
await authenticator.init('<YOUR_CLIENT_ID>', '<YOUR_API_KEY>')
const eventsClient = new EventsClient(authenticator);
const id = await eventsClient.send(
'my-tenant-id',
{
eventKey: 'my.event',
data: {
description: 'my description',
title: 'my title'
},
channelConfiguration: {
email: {
from: 'email@email.com',
html: '<div>{{title}}</div>', // data interpolation using the event data
subject: 'subject'
},
slack: {
emails: ['email@email.com'],
slackMessageConfig: {
// use https://api.slack.com/methods/chat.postMessage data format to fill this configuration
}
}
}
})
Frontegg offers multiple components for integration with the Frontegg's scaleable back end and front end libraries
When using Frontegg's managed UI features and UI libraries, Frontegg allow simple integration via middleware usage
To use the Frontegg's middleware import the frontegg middleware from the @frontegg/client library
const { frontegg, FronteggPermissions } = require('@frontegg/client');
And use the following lines after the authentication verification
app.use('/frontegg', frontegg({
clientId: 'my-client-id',
apiKey: 'my-api-key',
contextResolver: (req) => {
const email = req.context.user; // The user context (after JWT verification)
const tenantId = req.context.tenantId; // The tenantId context (after JWT verification)
const permissions = [FronteggPermissions.All];
return {
email,
tenantId,
permissions
};
}
}))
To use the Frontegg's middleware inside NextJS project:
Add a new route to your project /pages/api/frontegg/[...param].ts
Import fronteggNextJs from the @frontegg/client library
const { fronteggNextJs, FronteggPermissions } = require('@frontegg/client');
And export the middleware from /pages/api/frontegg/[...param].ts
export default fronteggNextJs({
clientId: 'my-client-id',
apiKey: 'my-api-key',
contextResolver: (req) => {
const email = req.context.user; // The user context (after JWT verification)
const tenantId = req.context.tenantId; // The tenantId context (after JWT verification)
const permissions = [FronteggPermissions.All];
return {
email,
tenantId,
permissions
};
}
})
When using the Frontegg middleware library, you can choose which functionality is enabled for your user based on his role or based on any other business logic your application holds.
Controlling the permissions is done via the Frontegg middleware by injecting the permissions array
/// Allow the user to do everything on all enabled Frontegg modules
const permissions = [FronteggPermissions.All];
/// Allow the user to do everything on Frontegg audits module
const permissions = [FronteggPermissions.Audit];
/// Allow the user to read audits and audits stats but not exporting it
const permissions = [FronteggPermissions.Audit.Read, FronteggPermissions.Audit.Stats];
Let your customers record the events, activities and changes made to their tenant.
Frontegg’s Managed Audit Logs feature allows a SaaS company to embed an end-to-end working feature in just 5 lines of code.
const { AuditsClient } = require('@frontegg/client')
const audits = new AuditsClient()
// First initialize the module
await audits.init('MY-CLIENT-ID', 'MY-AUDITS-KEY')
// And add audits
await audits.sendAudit({
tenantId: 'my-tenant-id',
time: Date(),
user: 'info@frontegg.com',
resource: 'Portal',
action: 'Login',
severity: 'Medium',
ip: '1.2.3.4'
})
const { AuditsClient } = require('@frontegg/client')
const audits = new AuditsClient()
// First initialize the module
await audits.init('MY-CLIENT-ID', 'MY-AUDITS-KEY')
// And add audits
const { data, total } = await audits.getAudits({
tenantId: 'my-tenant-id',
filter: 'any-text-filter',
sortBy: 'my-sort-field',
sortDirection: 'asc | desc'
offset: 0, // Offset for starting the page
count: 50 // Number of desired items
})
Frontegg provides a comprehensive REST API for your application. In order to use the API from your backend it is required to initialize the client and the authenticator which maintains the backend to backend session.
const authenticator = new FronteggAuthenticator();
await authenticator.init('<YOUR_CLIENT_ID>', '<YOUR_API_KEY>')
const httpClient = new HttpClient(authenticator);
await httpClient.post('https://api.frontegg.com/identity/resources/auth/v1/user', {
email: 'johndoe@acme.com',
password: 'my-super-duper-password'
}, {
frontegg-vendor-host: 'https://acme.frontegg.com'
});
FAQs
Frontegg Javascript Library for backend node servers
The npm package @frontegg/client receives a total of 15,403 weekly downloads. As such, @frontegg/client popularity was classified as popular.
We found that @frontegg/client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
Security News
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.