MonoCloud Web Authentication SDK – secure authentication for single-page applications and other browser-based JavaScript environments.
MonoCloud is a modern, developer-friendly Identity & Access Management platform.
This SDK provides a browser-side authentication client for single-page apps (SPAs) and any JavaScript environment running in the browser. It implements OAuth 2.0 / OpenID Connect with PKCE, handles redirect and popup flows, manages sessions and tokens, and serves as the foundation for higher-level framework SDKs (React, Vue, Angular, Svelte, Astro, etc.).
npm install @monocloud/auth-web-js
Create a shared MonoCloudWebJSClient instance and reuse it throughout your application.
import { MonoCloudWebJSClient } from '@monocloud/auth-web-js';
export const client = new MonoCloudWebJSClient({
tenantDomain: 'https://<your-tenant-domain>',
clientId: '<your-client-id>',
});
Call processCallback() once at application startup. It inspects the current URL and the persisted callback state to automatically complete a pending sign-in or sign-out flow — no per-route dispatch required. When the current URL is not an in-progress callback, it is a no-op.
await client.processCallback();
Start an authentication flow by redirecting the user to MonoCloud, or end the session and return the user to your sign-out callback.
await client.signIn();
await client.signOut();
Attempt to restore an authenticated session at app bootstrap without disrupting the user. Uses a hidden iframe with prompt=none; resolves to the new session on success, or rejects with a MonoCloudOPError (typically login_required) when the authorization server cannot satisfy the request without interaction.
import { MonoCloudOPError } from '@monocloud/auth-web-js';
try {
const session = await client.signInSilent();
console.log('Restored session for:', session.user);
} catch (error) {
if (error instanceof MonoCloudOPError && error.error === 'login_required') {
console.log('Not signed in');
} else {
throw error;
}
}
Retrieve the active session, including the authenticated user's profile and tokens. Returns null when no user is signed in.
const session = await client.getSession();
if (session) {
console.log(session.user);
}
auth-web-js?Use @monocloud/auth-web-js if you are building a browser-based JavaScript application and want a secure, OIDC-compliant authentication client without tying yourself to a specific UI framework.
This package is a good fit if you:
Higher-level packages build on top of auth-web-js and provide framework-specific ergonomics while reusing the same underlying browser implementation.
Do not report security issues publicly. Please follow the contact instructions at: https://www.monocloud.com/contact
Licensed under the MIT License. See the included LICENSE file.