Browser SDK Reference

The browser client (@reauth-dev/sdk) provides the full client-side API for authentication, billing, organizations, and credits.

Setup

import { createReauthClient } from '@reauth-dev/sdk';

const reauth = createReauthClient({
  domain: 'yourdomain.com',
  timeout: 10000, // Optional, default 10s
});

No API key needed — the browser client uses session cookies.

Authentication

login()

Redirect to the hosted login page:

reauth.login(); // Browser-only, redirects to https://reauth.yourdomain.com/

getSession()

Check if the user is authenticated:

const session = await reauth.getSession();
// Returns: ReauthSession
// {
//   valid: boolean,
//   end_user_id: string | null,
//   email: string | null,
//   roles: string[] | null,
//   active_org_id: string | null,
//   org_role: string | null,
//   waitlist_position: number | null,
//   google_linked: boolean | null,
//   twitter_linked: boolean | null,
//   error: string | null,
//   error_code: string | null,
//   subscription?: { status, plan_code, plan_name, current_period_end, cancel_at_period_end, trial_ends_at }
// }

refresh()

Refresh the access token using the refresh token:

await reauth.refresh();

Call this when getSession() returns valid: false without an error_code.

getToken()

Get a JWT access token for Bearer authentication with your own API:

const tokenResponse = await reauth.getToken();
// Returns: TokenResponse | null
// {
//   accessToken: string,
//   expiresIn: number,     // seconds
//   tokenType: string,     // "Bearer"
// }
// Returns null if not authenticated or network unreachable

logout()

Clear all session cookies:

await reauth.logout();

deleteAccount()

Delete the user's own account:

await reauth.deleteAccount();

Headless Authentication

Requires headless mode enabled in dashboard.

getConfig()

Get the domain's public auth configuration:

const config = await reauth.getConfig();
// Returns: DomainConfig
// {
//   domain: string,
//   authMethods: { magicLink: boolean, googleOauth: boolean, twitterOauth: boolean },
//   redirectUrl: string | null,
//   headlessEnabled: boolean,
// }

requestMagicLink(opts)

Send a magic link email:

await reauth.requestMagicLink({
  email: 'user@example.com',
  callbackUrl: 'https://yourdomain.com/auth/verify', // Optional
});

verifyMagicLink(opts)

Verify a magic link token. Session cookies are set automatically on success:

const result = await reauth.verifyMagicLink({ token: 'the-token' });
// Returns: MagicLinkVerifyResult
// {
//   success: boolean,
//   redirectUrl: string | null,
//   endUserId: string | null,
//   email: string | null,
//   waitlistPosition: number | null,
// }

startGoogleOAuth()

Start a Google OAuth flow:

const { authUrl, state } = await reauth.startGoogleOAuth();
window.location.href = authUrl; // Redirect to Google

startTwitterOAuth()

Start an X (Twitter) OAuth flow:

const { authUrl, state } = await reauth.startTwitterOAuth();
window.location.href = authUrl;

Organizations

See organizations.md for concepts and patterns.

createOrg(name)

const org = await reauth.createOrg('My Team');
// Returns: Organization { id, name, isPersonal, createdAt }

listOrgs()

const orgs = await reauth.listOrgs();
// Returns: Organization[]

getOrg(orgId)

const org = await reauth.getOrg('org-uuid');

updateOrg(orgId, name)

Requires owner role:

const org = await reauth.updateOrg('org-uuid', 'New Name');

deleteOrg(orgId)

Requires owner role:

await reauth.deleteOrg('org-uuid');

switchOrg(orgId)

Switch active organization. Re-issues JWT with new active_org_id and org_role:

const result = await reauth.switchOrg('org-uuid');
// Returns: SwitchOrgResult
// {
//   activeOrgId: string,
//   orgRole: OrgRole,
//   subscription: SubscriptionInfo,
// }

getActiveOrg()

Get the active org from the current session:

const active = await reauth.getActiveOrg();
// Returns: { id: string, role: OrgRole } | null

Member Management

const members = await reauth.listOrgMembers('org-uuid');
// Returns: OrgMember[] — { id, orgId, endUserId, role, joinedAt }

await reauth.removeOrgMember('org-uuid', 'user-uuid');

const member = await reauth.updateMemberRole('org-uuid', 'user-uuid', 'owner');

Invitations

// Email invite
const invite = await reauth.inviteToOrg('org-uuid', 'user@example.com', 'member');
const pending = await reauth.listPendingInvites('org-uuid');
await reauth.revokeInvite('org-uuid', 'invite-uuid');
const { orgId, role } = await reauth.acceptInvite('invite-token');

// Shareable links
const link = await reauth.createInviteLink('org-uuid', 'member');
const links = await reauth.listInviteLinks('org-uuid');
await reauth.revokeInviteLink('org-uuid', 'link-uuid');
await reauth.joinViaLink('link-token');

Billing

See billing.md for concepts and patterns.

getPlans()

const plans = await reauth.getPlans();
// Returns: SubscriptionPlan[]
// { id, code, name, description, priceCents, currency, interval, intervalCount,
//   trialDays, features, displayOrder, creditsAmount, planType, contactUrl }

getSubscription()

const sub = await reauth.getSubscription();
// Returns: Subscription
// { id, planCode, planName, status, currentPeriodEnd, trialEnd, cancelAtPeriodEnd }

createCheckout(planCode, successUrl, cancelUrl)

const { checkoutUrl } = await reauth.createCheckout(
  'pro',
  'https://yourdomain.com/success',
  'https://yourdomain.com/pricing',
);
window.location.href = checkoutUrl;

subscribe(planCode)

Convenience method — creates checkout and redirects (browser-only):

await reauth.subscribe('pro');

openBillingPortal(returnUrl?)

Open Stripe customer portal (browser-only):

await reauth.openBillingPortal('https://yourdomain.com/settings');

cancelSubscription()

Cancel at period end:

await reauth.cancelSubscription();

Balance & Credits

See credits.md for concepts and patterns.

getBalance()

const { balance } = await reauth.getBalance();

getTransactions(opts?)

const { transactions } = await reauth.getTransactions({ limit: 20, offset: 0 });
// Returns: { transactions: BalanceTransaction[] }
// Each: { id, amountDelta, reason, balanceAfter, createdAt }

getCreditsConfig()

const config = await reauth.getCreditsConfig();
// Returns: CreditsConfig
// { creditsEnabled, creditsPerDollar, displayName, displaySymbol,
//   displaySymbolPosition, displayDecimals, minPurchaseCents, maxPurchaseCents,
//   manualTopUpAvailable, autoTopUpAvailable, overdrawEnabled }

Payment Methods

const methods = await reauth.getPaymentMethods();
// Returns: PaymentMethod[] — { id, provider, methodType, cardBrand, cardLast4, ... }

const { clientSecret, setupIntentId } = await reauth.createSetupIntent();
// Use clientSecret with Stripe.js confirmCardSetup()

await reauth.deletePaymentMethod('pm-uuid');
await reauth.reorderPaymentMethods(['pm-1', 'pm-2', 'pm-3']);

purchaseCredits(opts)

const result = await reauth.purchaseCredits({
  amountCents: 1000,           // $10.00
  paymentMethodId: 'pm-uuid',
  idempotencyKey: 'unique-key',
});
// Returns: CreditPurchaseResult
// { creditsPurchased, newBalance, paymentIntentId }

Auto Top-Up

const status = await reauth.getAutoTopUpStatus();
// Returns: AutoTopUpStatus
// { enabled, thresholdCents, purchaseAmountCents, status, lastFailureReason?, ... }

await reauth.updateAutoTopUp({
  enabled: true,
  thresholdCents: 500,        // Top up when below $5
  purchaseAmountCents: 2000,  // Purchase $20 worth
});