Initializes a new instance of MonoCloudWebJSClient.
Configuration options for the client.
import { MonoCloudWebJSClient } from '@monocloud/auth-web-js';
export const client = new MonoCloudWebJSClient({
tenantDomain: 'https://<your-tenant>',
clientId: '<your-client-id>',
});
import { MonoCloudWebJSClient, MemoryStorage } from '@monocloud/auth-web-js';
import { router } from './router';
export const client = new MonoCloudWebJSClient({
tenantDomain: 'https://<your-tenant>',
clientId: '<your-client-id>',
storage: new MemoryStorage(),
postCallback: state => {
router.push(state.returnUrl ?? '/dashboard');
},
});
ReadonlyoidcUnderlying OpenID Connect client used for advanced authorization and token operations.
Use this when you need lower-level access to OIDC protocol operations not directly exposed by the SDK.
Retrieves the current session object from the configured storage.
The active session, or undefined if not authenticated.
Retrieves the active tokens for the current session.
If the access token is expired (or about to expire), this method automatically attempts to refresh it using the Refresh Token Grant before returning.
Optionaloptions: GetTokensOptionsOptions that control token retrieval (force refresh, scopes, resource).
The active tokens for the requested resource and scopes.
const tokens = await client.getTokens({
resource: 'https://api.example.com',
scopes: 'read:data',
});
MonoCloudValidationError If no session exists or the access token cannot be located.
Processes the authentication callback from the authorization server.
Call this once on application startup (typically in your entry point or router). It inspects the current URL together with the persisted callback state and automatically completes a pending sign-in or sign-out flow - there is no need to dispatch on the route yourself.
A promise that resolves when callback processing is complete.
Refetches user information from the UserInfo endpoint and updates the local session.
The default access token (matching the client's configured default resource and authorized scopes) is used to call the UserInfo endpoint.
await client.refetchUserInfo();
const session = await client.getSession();
console.log('Updated user data:', session?.user);
MonoCloudValidationError If the session is invalid or the default access token is missing.
Refreshes the current user's session using the OAuth 2.0 Refresh Token Grant.
Requires a session that includes a refresh token (obtained by including the offline_access scope at sign-in).
To start a fresh, non-interactive authorization (for example, on app bootstrap when there is no local session yet) use signInSilent() instead.
OptionalrefreshOptions: RefreshOptionsOptional configuration for the refresh flow.
A promise that resolves when the session has been refreshed.
await client.refreshSession({
refreshGrantOptions: {
resource: 'https://api.example.com',
scopes: 'read:data',
},
});
MonoCloudValidationError If the session is invalid or missing a refresh token.
Initiates the sign-in flow.
OptionalsignInOptions: SignInOptionsOptional configuration for the sign-in request.
Attempts to silently sign the user in using a hidden iframe and prompt=none.
Useful for restoring a session at app bootstrap when the user is signed in at MonoCloud but no local session exists yet (for example, after opening a new tab or a hard refresh that cleared in-memory storage).
The method runs a full authorization round-trip through a hidden iframe. If MonoCloud has a valid session it resolves to the new session. Otherwise it rejects with a MonoCloudOPError.
OptionalsignInSilentOptions: SignInSilentOptionsOptional configuration for the silent sign-in request.
The newly established session.
import { MonoCloudOPError } from '@monocloud/auth-web-js';
try {
const session = await client.signInSilent();
console.log('Restored session for:', session.user);
} catch (error) {
if (error instanceof MonoCloudOPError && error.error === 'login_required') {
console.log('Not signed in');
} else {
throw error;
}
}
MonoCloudOPError If the authorization server cannot satisfy the request - for example, because the user has no IdP session (login_required) or interaction is otherwise required.
MonoCloudJsError If the iframe cannot be created (for example, in a cross-origin-isolated context) or the authentication window times out.
Initiates the sign-out flow.
Clears the local session and, when federatedSignOut is enabled, also signs the user out of MonoCloud (Single Sign-Out).
OptionalsignOutOptions: SignOutOptionsOptional configuration for the sign-out request.
A promise that resolves when the sign-out flow has been initiated (redirect mode) or completed (popup mode).
MonoCloudWebJSClientis the core SDK entry point for integrating MonoCloud authentication into single-page applications (SPAs) and other browser-based JavaScript environments.Features:
prompt=none) for restoring SSO sessions at app bootstrap.Initialization