Skip to main content
Version: 9.0.X

API Reference

init({apiDomain, apiBasePath?, sessionExpiredStatusCode?, sessionScope?, autoAddCredentials?, isInIframe?, cookieDomain?, override?, onHandleEvent?, preAPIHook?})#

Parameters#

apiDomain#

  • Type: string
  • Should be the URL of your API domain.

apiBasePath (Optional)#

  • Type: string
  • Default: /auth
  • Should be the path in your API domain that is controlled by SuperTokens. The default value is /auth. So by default, the SDK will send a POST request to apiDomain + "/auth/session/refresh" for refreshing a session.

sessionExpiredStatusCode (Optional)#

  • Type: number
  • Default: 401
  • HTTP status code that indicates session expiry - as sent by your APIs.

sessionScope (Optional)#

  • Type: string
  • Default: undefined.
  • Set this if you want to share a session across sub domains. For example, if users login via example.com and are redirected to a subdomain like xyz.example.com, then the value of this should be ".example.com".

autoAddCredentials (Optional)#

  • Type: boolean
  • Default true
  • Setting this to true adds credentials: "include" to all requests. This is needed for cross origin requests (website is on example.com and API is on api.example.com)

isInIframe (Optional)#

  • Type: boolean
  • Default: false
  • Set this to true if your frontend can be used in an iframe. Remember that this means you will have to use https for your website domain while in development.

cookieDomain (Optional)#

  • Type: string
  • Default: undefined
  • This value can be used to enable session management across multiple API sub domains.

override (Optional)#

  • Type: object
  • Default: undefined
  • Use this to override the default behavior of how sessions is managed on the frontend.

onHandleEvent (Optional)#

  • Type: function
  • Default: undefined
  • Define this callback to handle events that are fired from this SDK

preAPIHook (Optional)#

  • Type: function
  • Default: undefined
  • Define this callback to modify requests that are sent to your backend API

Returns#

void

Throws#

Nothing


addAxiosInterceptors(axios)#

Parameters#

axios instance

Returns#

void

Throws#

Nothing


doesSessionExist()#

Parameters#

None

Returns#

Promise<boolean>

Throws#

Nothing


attemptRefreshingSession()#

Parameters#

None

Returns#

Promise<boolean>

Throws#

  • Identical to an error thrown by fetch.
  • An Error object if the init function is not called.

getUserId()#

Parameters#

None

Returns#

Promise<string>

Throws#

An Error object if a session does not exist


getJWTPayloadSecurely()#

Parameters#

None

Returns#

Promise<JSON object>

Throws#

An Error object if reading failed due to:

  • session not existing
  • refreshing failed

signOut()#

Parameters#

None

Returns#

Promise<void>

Throws#

  • An Error object if response status code is not 2xx and not equal to session expired status code