Skip to main content
Defined in: server/src/auth/CrossmintAuthServer.ts:38 Server-side Crossmint authentication client: validate sessions, verify JWTs, refresh tokens, fetch users, and manage auth cookies. Works with both Node.js (IncomingMessage/ServerResponse) and Fetch API (Request/Response) request/response objects. Create an instance with CrossmintAuthServer.from.

Extends

  • CrossmintAuth

Methods

getJwksUri()

getJwksUri(): string
Defined in: common/auth/dist/CrossmintAuth.d.ts:14

Returns

string

Inherited from

CrossmintAuth.getJwksUri

getSession()

getSession(options, response?): Promise<AuthSession>
Defined in: server/src/auth/CrossmintAuthServer.ts:59 Validate the user’s session and return it, refreshing it if expired. Accepts either a request object (auth material is read from cookies) or the auth material itself ({ jwt, refreshToken }). If a response object is provided, refreshed auth material is stored in its cookies.

Parameters

ParameterType
optionsGenericRequest | AuthMaterialBasic
response?GenericResponse

Returns

Promise<AuthSession>

Throws

CrossmintAuthenticationError if no valid session can be established.

getUser()

getUser(externalUserId): Promise<any>
Defined in: server/src/auth/CrossmintAuthServer.ts:86 Fetch the Crossmint user associated with the given external user ID.

Parameters

ParameterType
externalUserIdstring

Returns

Promise<any>

handleCustomRefresh()

handleCustomRefresh(request, response?): Promise<GenericResponse>
Defined in: server/src/auth/CrossmintAuthServer.ts:102 Handle a token refresh request on a custom refresh route. Reads the refresh token from the request body or cookies, refreshes the session, and returns a response with the new auth material stored in cookies. Returns a 401 response if the refresh fails.

Parameters

ParameterType
requestGenericRequest
response?GenericResponse

Returns

Promise<GenericResponse>

logout()

logout(request?, response?): Promise<GenericResponse>
Defined in: server/src/auth/CrossmintAuthServer.ts:167 Log the user out: invalidate the refresh token with Crossmint and clear the auth cookies on the response.

Parameters

ParameterType
request?GenericRequest
response?GenericResponse

Returns

Promise<GenericResponse>

storeAuthMaterial()

storeAuthMaterial(response, authMaterial): void
Defined in: server/src/auth/CrossmintAuthServer.ts:162 Store auth material (JWT and refresh token) in the response’s cookies.

Parameters

ParameterType
responseGenericResponse
authMaterialAuthMaterial

Returns

void

verifyCrossmintJwt()

verifyCrossmintJwt(token, jwks?): Promise<JWTPayload>
Defined in: server/src/auth/CrossmintAuthServer.ts:154 Verify a Crossmint-issued JWT and return its decoded payload. Uses Crossmint’s JWKS endpoint unless a key set is provided.

Parameters

ParameterType
tokenstring
jwks?JSONWebKeySet

Returns

Promise<JWTPayload>

defaultApiClient()

static defaultApiClient(crossmint): CrossmintApiClient
Defined in: common/auth/dist/CrossmintAuth.d.ts:19

Parameters

ParameterType
crossmintCrossmint

Returns

CrossmintApiClient

Inherited from

CrossmintAuth.defaultApiClient

from()

static from(crossmint, options): CrossmintAuthServer
Defined in: server/src/auth/CrossmintAuthServer.ts:47 Create a CrossmintAuth instance from a Crossmint object (created with createCrossmint).

Parameters

ParameterType
crossmintCrossmint
optionsCrossmintAuthServerOptions

Returns

CrossmintAuthServer

Overrides

CrossmintAuth.from