Interface: AuthClientConfig

Defined in: auth-client/src/core/types.ts:83

Configuration for createAuthClient — every field is optional except apiBaseUrl. Defaults give a sensible browser experience.

Properties

apiBaseUrl

apiBaseUrl: string

Defined in: auth-client/src/core/types.ts:86

Base URL of the auth-server, e.g. “https://auth.vendidit.com/api/v1”. No trailing slash. The SDK appends “/auth/login” etc.

appCode?

optional appCode?: string

Defined in: auth-client/src/core/types.ts:90

App scoping — required by the auth-server unless AUTH_ALLOW_BASE_USER_LOGIN is set. Persists across the session.

attachAuthHeader?

optional attachAuthHeader?: boolean

Defined in: auth-client/src/core/types.ts:105

When true (default), the SDK attaches an Authorization header to fetch calls made via the package’s HTTP helper. Disable if your app uses cookie-based auth (set HttpOnly cookie via /auth/login).

autoRetryOn401?

optional autoRetryOn401?: boolean

Defined in: auth-client/src/core/types.ts:133

When true, the SDK auto-refreshes + retries on 401 for calls made through authenticatedRequest(). On refresh failure, emits session_expired and clears local state. Default true.

bootstrap?

optional bootstrap?: "offline" | "auto" | "lazy"

Defined in: auth-client/src/core/types.ts:128

Strategy for the initial auth check at construction time.

‘auto’ (default): on construct, the client reads cached tokens, refreshes if near-expiry, and confirms the session via /auth/me. ready() resolves once that handshake completes (or fails). UIs typically gate their first render on ready().
‘lazy’: skip the proactive check. Trust the cached state until the first request fails. Cheaper boot, at the cost of possibly rendering an authenticated UI for a tick before the server tells us otherwise.
‘offline’: disable all auth. isAuthenticated() returns false, getCurrentUser() returns null. Flow methods that would make a network call throw OfflineModeError. Useful for embedding the SDK in static demos / styleguides / Storybook.

enableCrossTabSync?

optional enableCrossTabSync?: boolean

Defined in: auth-client/src/core/types.ts:111

Per-tab default: false. When true, the SDK uses BroadcastChannel to publish auth events (“authenticated”, “loggedOut”) so multiple tabs stay in sync. Falls back to a no-op when BroadcastChannel is unavailable (older browsers / SSR).

ports?

optional ports?: Partial<AuthClientPorts>

Defined in: auth-client/src/core/types.ts:138

Override the default ports (storage, transport, etc.) — see AuthClientPorts. Useful for SSR (memory storage, fetch polyfill) or tests (deterministic clock, instrumented transport).

refreshLeewaySeconds?

optional refreshLeewaySeconds?: number

Defined in: auth-client/src/core/types.ts:100

Refresh leeway in seconds — when the access token is within this window of expiry, the SDK preemptively refreshes on the next fetch interception. Default: 60.

storageNamespace?

optional storageNamespace?: string

Defined in: auth-client/src/core/types.ts:95

Storage namespace prefix for token-store keys. Lets two installs of the SDK on the same origin coexist without colliding (e.g., marketplace + admin in the same tab). Default: “vendidit_auth”.