@oneuid/sdk-node

@oneuid/sdk-node

Node.js SDK for OneUID — verify access tokens and call the OneUID API from your backend.

Install

npm install @oneuid/sdk-node
# or
pnpm add @oneuid/sdk-node
# or
yarn add @oneuid/sdk-node

Usage

import { OneUIDNode } from '@oneuid/sdk-node';

const oneuid = new OneUIDNode({
  apiUrl: 'https://api.oneuid.dev', // or your self-hosted API URL
  jwtSecret: process.env.JWT_SECRET!,
  jwtIssuer: 'oneuid', // optional, default: 'oneuid'
});

// Verify an access token (e.g. in middleware)
const token = req.headers.authorization?.replace('Bearer ', '');
const payload = await oneuid.verifyToken(token);
// payload: { sub, tid, adm, iat, exp, iss }

// Call OneUID API with a token
const user = await oneuid.getUser(adminToken, userId);

// Extract tenant ID without full verification (e.g. for routing)
const tenantId = oneuid.extractTenantId(token);

API

• verifyToken(token: string) — Verify JWT and return payload. Throws if invalid or expired.
• apiCall<T>(token, path, options?) — Call any OneUID API path with the given token.
• getUser(adminToken, userId) — Get user profile by ID (requires admin token).
• extractTenantId(token) — Read tid from token without verification. Use for routing only; always verify with verifyToken() when enforcing auth.

REST API reference & Postman

• Interactive docs — https://oneuid.dev/docs (all runtime and admin endpoints).
• Postman — Import the collection from the OneUID dashboard (download JSON). It lists the same routes as the docs for your baseUrl.

Requirements

• Node.js >= 18
• Same JWT_SECRET (and optional issuer) as your OneUID API

License

MIT