Skip to main content

TypeScript Types

Complete type reference for the Auth-Agent JavaScript/TypeScript SDK.

Configuration Types

SDKConfig

Configuration object for initializing the AgentSDK.
Properties:
agentId
string
required
Your unique agent identifier (client ID)
agentSecret
string
Agent secret for confidential clients (optional)
serverUrl
string
Auth server URL (default: process.env.AUTH_SERVER_URL or 'https://api.auth-agent.com')
timeout
number
Request timeout in milliseconds (default: 10000)
customFetch
typeof fetch
Custom fetch implementation for HTTP requests
onTokensReceived
(tokens: TokenResponse) => void | Promise<void>
Callback invoked when new tokens are received
onTokensRefreshed
(tokens: TokenResponse) => void | Promise<void>
Callback invoked when tokens are refreshed
onTokensRevoked
() => void | Promise<void>
Callback invoked when tokens are revoked
Example:

OAuth & Token Types

TokenResponse

OAuth 2.1 token response from the server.
Properties:
access_token
string
required
OAuth access token for API requests
token_type
'Bearer'
required
Token type (always 'Bearer')
expires_in
number
required
Seconds until token expiration
refresh_token
string
Refresh token for obtaining new access tokens
id_token
string
OpenID Connect ID token (JWT)
scope
string
required
Space-separated list of granted scopes
Example:

TokenManager

Interface for token manager state.
Properties:
accessToken
string | null
Current access token
idToken
string | null
Current OpenID Connect ID token
refreshToken
string | null
Current refresh token
tokenType
string
Token type (always 'Bearer')
expiresAt
number | null
Token expiration timestamp in milliseconds
scopes
string | null
Space-separated list of granted scopes

AuthorizationUrlOptions

Options for generating an authorization URL.
Properties:
redirectUri
string
required
OAuth callback URL
scope
string
Space-separated list of requested scopes (default: 'openid profile email agent')
state
string
Custom state parameter for CSRF protection (auto-generated if not provided)
Example:

PKCEPair

PKCE code verifier and challenge pair.
Properties:
codeVerifier
string
required
Random base64url-encoded string (stored for token exchange)
codeChallenge
string
required
SHA-256 hash of code verifier (sent to authorization server)
Example:

User & Agent Types

UserInfo

OpenID Connect user information from /oauth2/userinfo endpoint.
Properties:
sub
string
required
Subject identifier (user ID)
agent_id
string
required
Agent identifier
name
string
User’s display name
email
string
User’s email address
model_name
string
required
AI model name (e.g., ‘gpt-4’, ‘claude-3’)
permissions
string[]
Array of granted permissions
Example:

AgentProfile

Agent profile information.
Properties:
agent_id
string
required
Unique agent identifier
model_name
string
required
AI model name
owner_name
string
required
Agent owner’s name
owner_email
string
required
Agent owner’s email
permissions
string[]
required
Array of agent permissions
disabled
boolean
required
Whether agent is disabled
created_at
string
required
ISO 8601 timestamp of creation
updated_at
string
required
ISO 8601 timestamp of last update
Example:

Registration & Authentication Types

AgentRegistrationRequest

Request payload for registering a new agent.
Properties:
agent_id
string
required
Unique identifier for the agent
agent_secret
string
required
Secure secret key for the agent
model_name
string
required
AI model name (e.g., ‘gpt-4’, ‘claude-3’)
owner_name
string
required
Agent owner’s full name
owner_email
string
required
Agent owner’s email address
Example:

AgentRegistrationResponse

Response from agent registration.
Properties:
success
boolean
required
Whether registration was successful
agent_id
string
required
The registered agent ID
message
string
required
Success or error message
Example:

AgentAuthRequest

Request payload for agent authentication (legacy challenge flow).
Properties:
agent_id
string
required
Agent identifier
agent_secret
string
required
Agent secret key
model_name
string
required
AI model name
client_id
string
required
OAuth client ID
redirect_uri
string
required
OAuth redirect URI
state
string
OAuth state parameter
scope
string
Requested scopes
code_challenge
string
PKCE code challenge
code_challenge_method
string
PKCE method (should be ‘S256’)

AgentAuthResponse

Response from agent authentication.
Properties:
session_id
string
required
Unique session identifier
next_step
'challenge'
required
Next step in authentication flow
challenge_url
string
required
URL for completing the challenge
expires_in
number
required
Session expiration in seconds

Event & Verification Types

EventData

Event data for tracking and analytics.
Properties:
event
string
required
Event type/name
selector
string
CSS selector or element identifier
site
string
Site or domain name
evidence
string
Evidence or proof of action
result
string
Event result or outcome
Example:

ChallengeResponse

Response from requesting a verification challenge.
Properties:
ok
boolean
required
Whether request was successful
challenge
string
Challenge string to verify
expires
number
Challenge expiration timestamp
sig
string
Challenge signature
verify_ctx_id
string
Verification context ID
message
string
Response message
Example:

VerificationConfirmRequest

Request payload for confirming verification.
Properties:
challenge
string
required
Challenge string from ChallengeResponse
expires
number
required
Challenge expiration timestamp
sig
string
required
Challenge signature
verify_ctx_id
string
required
Verification context ID
Example:

IntrospectionResponse

Token introspection response.
Properties:
active
boolean
required
Whether token is active and valid
scope
string
Space-separated list of scopes
client_id
string
Client identifier
username
string
Username (if available)
token_type
string
Token type
exp
number
Expiration timestamp (Unix time)
iat
number
Issued at timestamp (Unix time)
sub
string
Subject identifier
Example:

Error Types

AuthError

Extended error type for authentication errors.
Properties:
code
string
required
Error code (e.g., ‘token_expired’, ‘state_mismatch’)
description
string
Human-readable error description
statusCode
number
HTTP status code (if applicable)
Example:
Common Error Codes:
  • state_mismatch - State parameter mismatch (CSRF)
  • pkce_missing - Code verifier not found
  • token_expired - Access token expired
  • forbidden - Insufficient permissions
  • no_refresh_token - Refresh token not provided
  • refresh_failed - Token refresh failed
  • revoke_failed - Token revocation failed
  • introspection_failed - Token introspection failed
  • no_token - Token required but not provided

Type Guards

You can use TypeScript type guards to safely work with SDK types:

Complete Type Usage Example

Next Steps

Getting Started

Learn how to use the SDK

AgentSDK Methods

Explore all available methods

Configuration

SDK configuration options

Examples

See practical examples