npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@matrica/oauth-sdk

v2.0.3

Published

A lightweight SDK for integrating Matrica authentication into your applications.

Downloads

139

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

x100xlongx100xlongutibeabasi6utibeabasi6matricalabsmatricalabs

Keywords

Readme

Matrica OAuth SDK

A lightweight SDK for integrating Matrica authentication into your applications.

To get started with Matrica OAuth, visit business.matrica.io or contact us through the website.

Installation

npm install @matrica/oauth-sdk

Version 2.0

Version 2.0.0 of this SDK implements v2 of the Matrica OAuth API. This version introduces significant improvements including pagination, better type safety, enhanced filtering, and improved developer experience.

If you're upgrading from v1, please refer to the Migration Guide for detailed instructions.

Quick Start

import { MatricaOAuthClient } from '@matrica/oauth-sdk';

const client = new MatricaOAuthClient({
    clientId: 'your-client-id',
    clientSecret: process.env.CLIENT_SECRET, // for private apps
    redirectUri: 'http://localhost:3000/callback'
});

app.get('/', async (req, res) => {
  const { url, codeVerifier } = await client.getAuthorizationUrl('profile wallets nfts');

  // Store codeVerifier in the user session here if you plan to exchange the code later
  // req.session.codeVerifier = codeVerifier;

  res.redirect(url);
});

Features

  • Easy-to-use OAuth 2.0 authentication flow
  • No external runtime dependencies beyond Node 18+ (uses built-in fetch)
  • Secure token handling

Authorization Code Flow Explained

The most common way to authenticate users is through the OAuth 2.0 Authorization Code Grant flow. Here's how it works with this SDK:

Step 1: Configure the Client

First, instantiate the client with your application's details. The redirectUri must match the one registered in your Matrica developer settings.

import { MatricaOAuthClient } from '@matrica/oauth-sdk';

const client = new MatricaOAuthClient({
    clientId: 'your-client-id',
    clientSecret: process.env.CLIENT_SECRET, // Include if your app is private/confidential
    redirectUri: 'https://your-app.com/callback' // Your callback endpoint
});

const scope = 'profile email wallets'; // Define requested permissions

Step 2: Generate the Authorization URL and Redirect the User

Create an endpoint in your application (e.g., /login) that generates the unique authorization URL and redirects the user's browser to Matrica. You must store the codeVerifier securely (e.g., in the user's session) as it's needed after the redirect.

app.get('/login', async (req, res) => {
    try {
        const { url, codeVerifier } = await client.getAuthorizationUrl(scope);

        // Store codeVerifier securely in the user's session
        // req.session.codeVerifier = codeVerifier; // Example using express-session

        console.log('Redirecting user to:', url);
        console.log('Storing codeVerifier:', codeVerifier); // For demonstration

        // Redirect the user's browser
        res.redirect(url);
    } catch (error) {
        console.error('Error generating auth URL:', error);
        res.status(500).send('Authentication failed');
    }
});

Step 3: Handle the Callback

After the user logs in and authorizes your application on Matrica, they will be redirected back to your redirectUri (e.g., /callback). Matrica will append an authorization code (and potentially state) as query parameters.

In your callback handler, retrieve the code from the query parameters and the codeVerifier you stored earlier. Use these to exchange the code for access and refresh tokens by creating a UserSession.

// Example using Express.js
app.get('/callback', async (req, res) => {
    const { code, state } = req.query; // Get code from query params
    // const codeVerifier = req.session.codeVerifier; // Retrieve stored codeVerifier

    // --- For Demonstration (replace with session retrieval) ---
    const codeVerifier = 'RETRIEVE_YOUR_STORED_CODE_VERIFIER_HERE';
    console.log('Callback received. Code:', code);
    console.log('Using stored codeVerifier:', codeVerifier);
    // --- End Demonstration ---

    if (!code) {
        return res.status(400).send('Authorization code missing');
    }
    if (!codeVerifier) {
        return res.status(400).send('Code verifier missing from session');
    }

    try {
        // Exchange the code for tokens and create a session
        const userSession = await client.createSession(code as string, codeVerifier);
        console.log('UserSession created successfully!');

        // Store session/tokens securely (e.g., encrypt and store in session/database)
        // req.session.tokens = userSession.getTokens(); // Example

        // Now you can use the session to get user data
        const profile = await userSession.getUserProfile();
        console.log('User Profile:', profile);

        // Redirect user to their dashboard or desired page
        res.redirect('/dashboard');

    } catch (error) {
        console.error('Error exchanging code for tokens:', error);
        res.status(500).send('Authentication failed during token exchange');
    }
});

Step 4: Use the UserSession

Once you have the UserSession (either newly created or reconstructed from stored tokens using client.createSessionFromTokens(tokens)), you can use its methods to access protected resources on behalf of the user.

// Example: Accessing data in another request handler
app.get('/dashboard', async (req, res) => {
    // const tokens = req.session.tokens; // Retrieve stored tokens
    // if (!tokens) {
    //    return res.redirect('/login');
    // }
    // const userSession = client.createSessionFromTokens(tokens);

    // --- For Demonstration (replace with session retrieval) ---
    // Assuming you have a valid session object from the callback step
    // const userSession = ...;
    // --- End Demonstration ---

    try {
        // Example: Fetch user's wallets
        // const wallets = await userSession.getUserWallets();
        // res.render('dashboard', { userProfile: profile, wallets: wallets }); // Pass data to template

        res.send('User authenticated! Check server logs for profile data.'); // Simplified response

    } catch (error) {
        console.error('Error fetching user data:', error);
        res.status(500).send('Failed to fetch user data');
    }
});

Additional Session Helpers

Refreshing Access Tokens

If you stored a refresh token for a confidential application you can refresh the session in-place:

await userSession.refreshToken(); // returns the new TokenResponse and updates the session

Fetching User Domains

Retrieve users' .sol, .eth, or other on-chain domain names with pagination and filtering:

const domains = await userSession.getUserDomains({ skip: 0, take: 20, networkSymbol: 'SOL' });
console.log(domains.data);       // DomainName[]
console.log(domains.pagination); // { count, skip, take }

Generic Social Account Helper

Instead of calling platform-specific helpers you can use a single method:

const twitter  = await userSession.getUserSocial('twitter');
const discord  = await userSession.getUserSocial('discord');
const telegram = await userSession.getUserSocial('telegram');

getUserTwitter, getUserDiscord, and getUserTelegram remain available for convenience.

Examples

Check out the /examples directory for complete implementation examples.

Managing Access Tokens

When using the UserSession methods like getUserProfile(), getUserWallets(), etc., you'll need to handle token expiration yourself. If a token has expired, the API will return an error.

If you need the current access token (e.g., to make a custom API call), you can use getValidAccessToken():

const accessToken = await userSession.getValidAccessToken();
console.log('Current Access Token:', accessToken);

Note that if the token has expired, you'll need to create a new user session by redirecting the user through the authentication flow again.