@theaiinc/aegis-sdk
v0.1.6
Published
Client SDK for Aegis Identity Platform – login, logout, getUser, and token handling for SPAs
Readme
@theaiinc/aegis-sdk
Client SDK for Aegis Identity Platform – add login, logout, and user/token access to any SPA (React, Vue, or vanilla JS).
Install
npm install @theaiinc/aegis-sdk oidc-client-tsQuick start (vanilla or any framework)
import { AegisAuth } from '@theaiinc/aegis-sdk';
const auth = new AegisAuth({
issuer: 'https://id.theaiinc.com',
clientId: 'my-app',
redirectUri: 'https://myapp.example.com/callback',
postLogoutRedirectUri: 'https://myapp.example.com',
});
await auth.login();
const user = await auth.handleCallback();
const token = await auth.getToken();
await auth.logout();Open the hosted profile and security portal from an authenticated app:
auth.openAccountPortal();
// Opens https://id.theaiinc.com/account?client_id=my-appUse auth.getAccountPortalUrl() when rendering your own link or button.
For device-ID onboarding, pass the optional email prefill hint to the Aegis device authorization URL:
const rid = auth.getDeviceRegistrationParam(user.email);
// rid=... (client_id::email::timestamp, Base64 encoded)The hint expires after a short period and is only used to prefill the hosted email field; it is not an authentication credential.
React
import { AegisAuth, createAegisAuthContext } from '@theaiinc/aegis-sdk/react';
const auth = new AegisAuth({
issuer: import.meta.env.VITE_OIDC_ISSUER,
clientId: import.meta.env.VITE_OIDC_CLIENT_ID,
redirectUri: `${window.location.origin}/callback`,
postLogoutRedirectUri: window.location.origin,
});
const { AegisAuthProvider, useAegisAuth } = createAegisAuthContext(auth);Requirements
- OAuth client registered in Aegis with matching
redirect_uriand PKCE enabled for public SPAs - CORS allows your app origin (Aegis allows origins matching client redirect URIs)
API
AegisAuth(config)– create clientlogin(extraQueryParams?)– redirect to Aegis loginhandleCallback(callbackUrl?)– call on callback pagegetUser()/getToken()/isAuthenticated()logout({ redirect?: boolean })getAccountPortalUrl({ clientId? })/openAccountPortal({ clientId? })getDeviceRegistrationParam(email, timestamp?)onUserChange(callback)– subscribe to user changesgetUserManager()– raw oidc-client-tsUserManager
