Node.js

Authenticate requests and manage Passage users with Node.js.

NPM version

Prerequisites

Passage App ID and API Key from Passage Console

Install

Install the passage-node (opens in a new tab) package.

npm i @passageidentity/passage-node

Initialize

App.ts
const passage = new Passage({
    appId: process.env.PASSAGE_APP_ID!,
    apiKey: process.env.PASSAGE_API_KEY!,
});

Authenticating requests

The Passkey Complete Node.js SDK provides a way to validate JWT-authenticated requests. To learn more, see our full guide on JWTs.

app.get('/protected-route', async (req, res) => {
    // Get Passage JWT from the request's Authorization header
    const authHeader = req.headers['Authorization'];
    // Drop the 'Bearer' prefix
    const token = authHeader.split(' ')[1];
 
    // Validate JWT using Passage
    try {
        const userId: string = await passage.auth.validateJwt(token);
 
        // Token is valid
        const user: PassageUser = await passage.user.get(userId);
 
        console.log(user);
    } catch (err) {
        // Token is invalid
    }
});

User management

In addition to authenticating requests, the Passkey Complete Node.js SDK also provides a way to securely manage users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.

The functionality currently available on a user is:

  • Get a user's information (including any defined user metadata)
  • Activate or deactivate a user (a deactivated user will not be able to log in)
  • Update a user's information (email address or phone number)
  • Revoke a user's refresh tokens
  • Delete a user
  • Create a user

User device management

The functionality currently available is:

  • List all devices for a user
  • Revoke a particular device from a user

Creating Magic Links

The Passkey Complete Node.js SDK can be used to generate custom Magic Links for users, that can be embedded into any content medium. To learn more, see our full guide on Embedded Magic Links.

// With an email
const magicLink: MagicLink = passage.auth.createMagicLink({
    email: 'test.email@mail.com',
    type: MagicLinkType.Login,
    send: true,
});
 
// With a phone number
const magicLink: MagicLink = passage.auth.createMagicLink({
    phone: '+15125550000',
    type: MagicLinkType.Login,
    send: true,
});
 
// With a passage user id
const magicLink: MagicLink = passage.auth.createMagicLink({
    userId: passageUserId,
    channel: MagicLinkChannel.Email,
    type: MagicLinkType.Login,
    send: true,
});
 
// Any of the above with options
const magicLink: MagicLink = passage.auth.createMagicLink(
    {
        email: 'test.email@mail.com',
        type: MagicLinkType.Login,
        send: true,
    },
    {
        language: MagicLinkLanguage.Es,
        magicLinkPath: '/some/path',
        redirectUrl: '/redirect/to/dashboard/path',
        ttl: 20, // minutes
    },
);