|
| 1 | +# Node.js SDK for Zitadel |
| 2 | + |
| 3 | +This is the Zitadel Node.js SDK, designed to provide a convenient and idiomatic |
| 4 | +way to interact with the Zitadel APIs in Node.js. The SDK provides a seamless |
| 5 | +wrapping of the Zitadel API, making it easy to authenticate service users and |
| 6 | +perform API operations. |
| 7 | + |
| 8 | +The SDK enables efficient integration with the Zitadel API, allowing you to |
| 9 | +manage resources and execute actions. However, it's important to note that |
| 10 | +this SDK is tailored for service users and is not intended for user |
| 11 | +authentication scenarios. It does not support authentication mechanisms |
| 12 | +like OAuth2, OIDC, or SAML for client applications, including web, mobile, |
| 13 | +or other environments. For these types of user authentication, you should |
| 14 | +use other libraries that are designed for the specific platform and |
| 15 | +authentication method. |
| 16 | + |
| 17 | +**Disclaimer**: This SDK is not suitable for implementing user authentication. |
| 18 | +It does not handle authentication for client applications using OAuth2, OIDC, |
| 19 | +or SAML and should not be used for scenarios requiring such functionality. |
| 20 | +For those use cases, consider using other solutions that are designed for |
| 21 | +user authentication across various platforms like web, mobile, or other |
| 22 | +client environments. |
| 23 | + |
| 24 | +> [!IMPORTANT] |
| 25 | +> Please be aware that this SDK is currently in an incubating stage. We are releasing it to the community to gather |
| 26 | +> feedback and learn how it is being used. While you are welcome to use it, please note that the API and functionality may |
| 27 | +> evolve based on community input. We encourage you to try it out and share your experiences, but advise caution when |
| 28 | +> considering it for production environments as future updates may introduce changes. |
| 29 | +
|
| 30 | +## Getting Started |
| 31 | + |
| 32 | +### Sign up for Zitadel |
| 33 | + |
| 34 | +To use this SDK, you need a Zitadel account. Sign up at the official |
| 35 | +Zitadel website and obtain the necessary credentials to access the API. |
| 36 | + |
| 37 | +### Minimum Requirements |
| 38 | + |
| 39 | +Ensure you have Node.js 20 or higher installed. You also need npm to |
| 40 | +install dependencies. |
| 41 | + |
| 42 | +## Using the SDK |
| 43 | + |
| 44 | +### Installation |
| 45 | + |
| 46 | +Install the SDK by running one of the following commands: |
| 47 | + |
| 48 | +```bash |
| 49 | +npm install @zitadel/zitadel-node |
| 50 | +``` |
| 51 | + |
| 52 | +## Authentication Methods |
| 53 | + |
| 54 | +Your SDK offers three ways to authenticate with Zitadel. Each method has its |
| 55 | +own benefits—choose the one that fits your situation best. |
| 56 | + |
| 57 | +#### 1. Private Key JWT Authentication |
| 58 | + |
| 59 | +**What is it?** |
| 60 | +You use a JSON Web Token (JWT) that you sign with a private key stored in a |
| 61 | +JSON file. This process creates a secure token. |
| 62 | + |
| 63 | +**When should you use it?** |
| 64 | + |
| 65 | +- **Best for production:** It offers strong security. |
| 66 | +- **Advanced control:** You can adjust token settings like expiration. |
| 67 | + |
| 68 | +**How do you use it?** |
| 69 | + |
| 70 | +1. Save your private key in a JSON file. |
| 71 | +2. Use the provided method to load this key and create a JWT-based |
| 72 | + authenticator. |
| 73 | + |
| 74 | +**Example:** |
| 75 | + |
| 76 | +```ts |
| 77 | +import Zitadel, { ApiException } from '@zitadel/zitadel-node'; |
| 78 | + |
| 79 | +const zitadel = await Zitadel.withPrivateKey( |
| 80 | + 'https://example.us1.zitadel.cloud', |
| 81 | + 'path/to/jwt-key.json', |
| 82 | +); |
| 83 | + |
| 84 | +try { |
| 85 | + const response = await zitadel.users.addHumanUser({ |
| 86 | + userServiceAddHumanUserRequest: { |
| 87 | + username: 'john.doe', |
| 88 | + profile: { |
| 89 | + givenName: 'John', |
| 90 | + familyName: 'Doe', |
| 91 | + }, |
| 92 | + email: { |
| 93 | + |
| 94 | + }, |
| 95 | + }, |
| 96 | + }); |
| 97 | + console.log('User created: ' + JSON.stringify(response, null, 2)); |
| 98 | +} catch (e) { |
| 99 | + if (e instanceof ApiException) { |
| 100 | + console.log('Error: ' + e.message); |
| 101 | + } |
| 102 | +} |
| 103 | +``` |
| 104 | + |
| 105 | +#### 2. Client Credentials Grant |
| 106 | + |
| 107 | +**What is it?** |
| 108 | +This method uses a client ID and client secret to get a secure access token, |
| 109 | +which is then used to authenticate. |
| 110 | + |
| 111 | +**When should you use it?** |
| 112 | + |
| 113 | +- **Simple and straightforward:** Good for server-to-server communication. |
| 114 | +- **Trusted environments:** Use it when both servers are owned or trusted. |
| 115 | + |
| 116 | +**How do you use it?** |
| 117 | + |
| 118 | +1. Provide your client ID and client secret. |
| 119 | +2. Build the authenticator |
| 120 | + |
| 121 | +**Example:** |
| 122 | + |
| 123 | +```ts |
| 124 | +import Zitadel, { ApiException } from '@zitadel/zitadel-node'; |
| 125 | + |
| 126 | +const zitadel = await Zitadel.withClientCredentials( |
| 127 | + 'https://example.us1.zitadel.cloud', |
| 128 | + 'id', |
| 129 | + 'secret', |
| 130 | +); |
| 131 | + |
| 132 | +try { |
| 133 | + const response = await zitadel.users.addHumanUser({ |
| 134 | + userServiceAddHumanUserRequest: { |
| 135 | + username: 'john.doe', |
| 136 | + profile: { |
| 137 | + givenName: 'John', |
| 138 | + familyName: 'Doe', |
| 139 | + }, |
| 140 | + email: { |
| 141 | + |
| 142 | + }, |
| 143 | + }, |
| 144 | + }); |
| 145 | + console.log('User created: ' + JSON.stringify(response, null, 2)); |
| 146 | +} catch (e) { |
| 147 | + if (e instanceof ApiException) { |
| 148 | + console.log('Error: ' + e.message); |
| 149 | + } |
| 150 | +} |
| 151 | +``` |
| 152 | + |
| 153 | +#### 3. Personal Access Tokens (PATs) |
| 154 | + |
| 155 | +**What is it?** |
| 156 | +A Personal Access Token (PAT) is a pre-generated token that you can use to |
| 157 | +authenticate without exchanging credentials every time. |
| 158 | + |
| 159 | +**When should you use it?** |
| 160 | + |
| 161 | +- **Easy to use:** Great for development or testing scenarios. |
| 162 | +- **Quick setup:** No need for dynamic token generation. |
| 163 | + |
| 164 | +**How do you use it?** |
| 165 | + |
| 166 | +1. Obtain a valid personal access token from your account. |
| 167 | +2. Create the authenticator with: `PersonalAccessTokenAuthenticator` |
| 168 | + |
| 169 | +**Example:** |
| 170 | + |
| 171 | +```ts |
| 172 | +import Zitadel, { ApiException } from '@zitadel/zitadel-node'; |
| 173 | + |
| 174 | +const zitadel = Zitadel.withAccessToken( |
| 175 | + 'https://example.us1.zitadel.cloud', |
| 176 | + 'token', |
| 177 | +); |
| 178 | + |
| 179 | +try { |
| 180 | + const response = await zitadel.users.addHumanUser({ |
| 181 | + userServiceAddHumanUserRequest: { |
| 182 | + username: 'john.doe', |
| 183 | + profile: { |
| 184 | + givenName: 'John', |
| 185 | + familyName: 'Doe', |
| 186 | + }, |
| 187 | + email: { |
| 188 | + |
| 189 | + }, |
| 190 | + }, |
| 191 | + }); |
| 192 | + console.log('User created: ' + JSON.stringify(response, null, 2)); |
| 193 | +} catch (e) { |
| 194 | + if (e instanceof ApiException) { |
| 195 | + console.log('Error: ' + e.message); |
| 196 | + } |
| 197 | +} |
| 198 | +``` |
| 199 | + |
| 200 | +--- |
| 201 | + |
| 202 | +Choose the authentication method that best suits your needs based on your |
| 203 | +environment and security requirements. For more details, please refer to the |
| 204 | +[Zitadel documentation on authenticating service users](https://zitadel.com/docs/guides/integrate/service-users/authenticate-service-users). |
| 205 | + |
| 206 | +## Design and Dependencies |
| 207 | + |
| 208 | +This SDK is designed to be lean and efficient, focusing on providing a |
| 209 | +streamlined way to interact with the Zitadel API. It relies on standard |
| 210 | +HTTP libraries for making requests, which ensures that |
| 211 | +the SDK integrates well with other libraries and provides flexibility |
| 212 | +in terms of request handling and error management. |
| 213 | + |
| 214 | +## Versioning |
| 215 | + |
| 216 | +A key aspect of our strategy is that the SDK's major version is synchronized with the ZITADEL core project's major |
| 217 | +version to ensure compatibility. For a detailed explanation of this policy and our release schedule, please see |
| 218 | +our [Versioning Guide](VERSIONING.md). |
| 219 | + |
| 220 | +## Contributing |
| 221 | + |
| 222 | +This repository is autogenerated. We do not accept direct contributions. |
| 223 | +Instead, please open an issue for any bugs or feature requests. |
| 224 | + |
| 225 | +## Reporting Issues |
| 226 | + |
| 227 | +If you encounter any issues or have suggestions for improvements, please |
| 228 | +open an issue in the [issue tracker](https://github.com/zitadel/client-nodejs/issues). |
| 229 | +When reporting an issue, please provide the following information to help |
| 230 | +us address it more effectively: |
| 231 | + |
| 232 | +- A detailed description of the problem or feature request |
| 233 | +- Steps to reproduce the issue (if applicable) |
| 234 | +- Any relevant error messages or logs |
| 235 | +- Environment details (e.g., OS version, relevant configurations) |
| 236 | + |
| 237 | +## Support |
| 238 | + |
| 239 | +If you need help setting up or configuring the SDK (or anything |
| 240 | +Zitadel), please head over to the [Zitadel Community on Discord](https://zitadel.com/chat). |
| 241 | + |
| 242 | +There are many helpful people in our Discord community who are ready to |
| 243 | +assist you. |
| 244 | + |
| 245 | +Cloud and enterprise customers can additionally reach us privately via our |
| 246 | +[support communication channels](https://zitadel.com/docs/legal/service-description/support-services). |
| 247 | + |
| 248 | +## License |
| 249 | + |
| 250 | +This SDK is distributed under the Apache 2.0 License. |
0 commit comments