{"id":46627779,"url":"https://github.com/tenxyte/tenxyte-js","last_synced_at":"2026-04-02T14:00:04.811Z","repository":{"id":342868788,"uuid":"1174959569","full_name":"tenxyte/tenxyte-js","owner":"tenxyte","description":"Official client SDK for integrating a Tenxyte-powered backend into any JavaScript or TypeScript application — Node.js, browsers, React, Vue, or vanilla JS.","archived":false,"fork":false,"pushed_at":"2026-04-01T12:40:01.000Z","size":585,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-01T14:47:48.951Z","etag":null,"topics":["2fa","authentication","b2b","gdpr","jwt","passkeys","rbac","tenxyte"],"latest_commit_sha":null,"homepage":"https://tenxyte.readthedocs.io/en/latest/integration/javascript/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tenxyte.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-07T03:26:12.000Z","updated_at":"2026-04-01T12:40:06.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/tenxyte/tenxyte-js","commit_stats":null,"previous_names":["tenxyte/tenxyte-js"],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/tenxyte/tenxyte-js","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenxyte%2Ftenxyte-js","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenxyte%2Ftenxyte-js/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenxyte%2Ftenxyte-js/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenxyte%2Ftenxyte-js/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tenxyte","download_url":"https://codeload.github.com/tenxyte/tenxyte-js/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenxyte%2Ftenxyte-js/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31307445,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","b2b","gdpr","jwt","passkeys","rbac","tenxyte"],"created_at":"2026-03-07T23:07:55.999Z","updated_at":"2026-04-02T14:00:04.803Z","avatar_url":"https://github.com/tenxyte.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"![# TENXYTE • AI-Ready Backend Framework](https://tenxyte-graphics.s3.us-east-1.amazonaws.com/tenxyte-graphics/baniere_github.jpg)\n\n# Tenxyte JS SDK\n\n\u003e Official JavaScript/TypeScript SDK for Tenxyte — Authentication, RBAC, 2FA, Magic Links, Passkeys, Social Login, Organizations (B2B), AI Agent Security, GDPR, and more.\n\n[![npm @tenxyte/core](https://img.shields.io/npm/v/@tenxyte/core.svg?label=@tenxyte/core)](https://www.npmjs.com/package/@tenxyte/core)\n[![npm @tenxyte/react](https://img.shields.io/npm/v/@tenxyte/react.svg?label=@tenxyte/react)](https://www.npmjs.com/package/@tenxyte/react)\n[![npm @tenxyte/vue](https://img.shields.io/npm/v/@tenxyte/vue.svg?label=@tenxyte/vue)](https://www.npmjs.com/package/@tenxyte/vue)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![CI](https://github.com/tenxyte/tenxyte-js/actions/workflows/ci.yml/badge.svg)](https://github.com/tenxyte/tenxyte-js/actions/workflows/ci.yml)\n\n---\n\n## Quickstart — 2 minutes to your first API call\n\n### 1. Install\n\n```bash\nnpm install @tenxyte/core\n```\n\n\u003e **Requirements:** Node.js 18+ or any modern browser. TypeScript types are included.\n\n### 2. Initialize\n\n```typescript\nimport { TenxyteClient } from '@tenxyte/core';\n\nconst tx = new TenxyteClient({\n    baseUrl: 'https://api.my-backend.com',\n    headers: { 'X-Access-Key': '\u003cyour-access-key\u003e' },\n});\n```\n\n### 3. First API call\n\n```typescript\n// Register\nconst result = await tx.auth.register({\n    email: 'user@example.com',\n    password: 'SecureP@ss1!',\n    first_name: 'John',\n    last_name: 'Doe',\n});\n\n// Login\nconst tokens = await tx.auth.loginWithEmail({\n    email: 'user@example.com',\n    password: 'SecureP@ss1!',\n    device_info: '',\n});\n\n// Authenticated request — Authorization header is injected automatically\nconst profile = await tx.user.getProfile();\n```\n\n\u003e **Important:** Never expose `X-Access-Secret` in frontend bundles. Use it exclusively server-side.\n\nThat's it — tokens are stored automatically, 401s trigger silent refresh, and `Authorization` is injected on every request.\n\n---\n\n## Packages\n\nThis monorepo contains three packages, published independently to npm:\n\n| Package | Version | Description |\n|---|---|---|\n| [`@tenxyte/core`](./packages/core) | ![npm](https://img.shields.io/npm/v/@tenxyte/core.svg) | Framework-agnostic core SDK — works in Node.js, browsers, and any JS runtime |\n| [`@tenxyte/react`](./packages/react) | ![npm](https://img.shields.io/npm/v/@tenxyte/react.svg) | React hooks (`useAuth`, `useUser`, `useOrganization`, `useRbac`) with automatic re-renders |\n| [`@tenxyte/vue`](./packages/vue) | ![npm](https://img.shields.io/npm/v/@tenxyte/vue.svg) | Vue 3 composables (`useAuth`, `useUser`, `useOrganization`, `useRbac`) with reactive refs |\n\n### Framework Bindings\n\n**React** — Wrap your app once, use hooks everywhere:\n\n```tsx\nimport { TenxyteProvider, useAuth } from '@tenxyte/react';\n\n// In your root\n\u003cTenxyteProvider client={tx}\u003e\n    \u003cApp /\u003e\n\u003c/TenxyteProvider\u003e\n\n// In any component\nconst { isAuthenticated, loginWithEmail, logout } = useAuth();\n```\n\n**Vue** — Install the plugin, use composables:\n\n```vue\n\u003c!-- main.ts --\u003e\napp.use(tenxytePlugin, tx);\n\n\u003c!-- Any component --\u003e\n\u003cscript setup\u003e\nconst { isAuthenticated, loginWithEmail, logout } = useAuth();\n\u003c/script\u003e\n```\n\n---\n\n## Key Features\n\n✨ **Core Authentication**\n- JWT with access + refresh tokens, auto-rotation, blacklisting\n- Login via email / phone, Magic Links (passwordless), Passkeys (WebAuthn/FIDO2)\n- Social Login — Google, GitHub, Microsoft, Facebook (with PKCE support)\n- Cookie-based refresh tokens (HttpOnly `Set-Cookie` transport)\n- Multi-application support (`X-Access-Key` / `X-Access-Secret`)\n\n🔐 **Security**\n- 2FA (TOTP) — Google Authenticator, Authy\n- OTP via email and SMS, password breach check (HaveIBeenPwned, k-anonymity)\n- WebAuthn/Passkeys registration and authentication\n- Auto-refresh interceptor — silent 401 → refresh → retry\n\n👥 **RBAC**\n- Synchronous JWT role/permission checks (zero network calls)\n- CRUD operations for roles, permissions, user assignments\n\n🏢 **Organizations (B2B)**\n- Multi-tenant with hierarchical tree, per-org roles \u0026 memberships\n- Context switching via `X-Org-Slug` header (automatic)\n\n🤖 **AI Agent Security (AIRS)**\n- Agent token lifecycle (create, revoke, suspend)\n- Human-in-the-Loop approval flows\n- Usage reporting, heartbeat, circuit breakers\n- Prompt traceability (`X-Prompt-Trace-ID`)\n\n🛡️ **GDPR Compliance**\n- Account deletion flows with 30-day grace period\n- Data export (right to portability)\n- Admin deletion request management\n\n📊 **Dashboard**\n- Global, auth, security, GDPR, and per-org statistics\n\n⚙️ **Developer Experience**\n- Full TypeScript types (generated from OpenAPI)\n- Pluggable storage (`LocalStorageAdapter`, `MemoryStorage`, or custom)\n- Configurable retry with exponential backoff (429/5xx)\n- Typed EventEmitter (`session:expired`, `token:refreshed`, `token:stored`)\n- Pluggable logger with log levels\n\n---\n\n## Installation Options\n\n```bash\n# Core SDK (Node.js, browsers, any JS runtime)\nnpm install @tenxyte/core\n\n# React bindings (requires React 18+ or 19+)\nnpm install @tenxyte/core @tenxyte/react\n\n# Vue bindings (requires Vue 3.3+)\nnpm install @tenxyte/core @tenxyte/vue\n```\n\n---\n\n## SDK Modules\n\nThe `TenxyteClient` exposes 10 domain modules:\n\n| Module | Access | Description |\n|---|---|---|\n| **Auth** | `tx.auth` | Login, register, logout, refresh, magic link, social OAuth2 |\n| **Security** | `tx.security` | 2FA/TOTP, OTP, password management, WebAuthn/Passkeys |\n| **RBAC** | `tx.rbac` | Synchronous JWT checks + CRUD for roles \u0026 permissions |\n| **User** | `tx.user` | Profile CRUD, avatar upload, admin user operations |\n| **B2B** | `tx.b2b` | Organization CRUD, members, invitations, context switching |\n| **AI** | `tx.ai` | Agent tokens, HITL, heartbeat, usage reporting, traceability |\n| **Applications** | `tx.applications` | API client management, credential regeneration |\n| **Admin** | `tx.admin` | Audit logs, login attempts, blacklisted/refresh tokens |\n| **GDPR** | `tx.gdpr` | Account deletion flows, data export, admin processing |\n| **Dashboard** | `tx.dashboard` | Global, auth, security, GDPR, org statistics |\n\nSee the full [`@tenxyte/core` README](./packages/core/README.md) for detailed code examples of every module.\n\n---\n\n## Configuration\n\n```typescript\nconst tx = new TenxyteClient({\n    // Required\n    baseUrl: 'https://api.my-service.com',\n\n    // Optional — extra headers for every request\n    headers: { 'X-Access-Key': 'pkg_abc123' },\n\n    // Optional — token storage (default: MemoryStorage)\n    storage: new LocalStorageAdapter(),    // browser persistence\n    // storage: new MemoryStorage(),       // Node.js / SSR\n\n    // Optional — auto-refresh 401s silently (default: true)\n    autoRefresh: true,\n\n    // Optional — auto-inject device fingerprint (default: true)\n    autoDeviceInfo: true,\n\n    // Optional — request timeout in ms\n    timeoutMs: 10_000,\n\n    // Optional — retry config for 429/5xx\n    retryConfig: { maxRetries: 3, baseDelayMs: 500 },\n\n    // Optional — callback when session is unrecoverable\n    onSessionExpired: () =\u003e router.push('/login'),\n\n    // Optional — pluggable logger\n    logger: console,\n    logLevel: 'debug', // 'silent' | 'error' | 'warn' | 'debug'\n\n    // Optional — cookie-based refresh token transport (default: false)\n    // Enable when backend has TENXYTE_REFRESH_TOKEN_COOKIE_ENABLED=True\n    cookieMode: false,\n});\n```\n\n---\n\n## SDK Events\n\n| Event | Payload | When |\n|---|---|---|\n| `session:expired` | `void` | Refresh token expired, session unrecoverable |\n| `token:refreshed` | `{ accessToken: string }` | Access token silently rotated |\n| `token:stored` | `{ accessToken: string; refreshToken?: string }` | Tokens persisted after login/register/refresh |\n| `agent:awaiting_approval` | `{ action: unknown }` | AI agent action requires human confirmation |\n| `error` | `{ error: unknown }` | Unrecoverable SDK error |\n\n```typescript\ntx.on('session:expired', () =\u003e router.push('/login'));\ntx.on('token:refreshed', ({ accessToken }) =\u003e console.log('Token refreshed'));\n```\n\n---\n\n## Examples\n\nThe [`examples/`](./examples) directory contains ready-to-run demo apps:\n\n| Example | Stack | Description |\n|---|---|---|\n| [`node-express`](./examples/node-express) | Node.js + Express | Server-side SDK usage with session management |\n| [`react`](./examples/react) | React 19 + Vite | SPA with `TenxyteProvider` and all 4 hooks |\n| [`vue`](./examples/vue) | Vue 3 + Vite | SPA with `tenxytePlugin` and all 4 composables |\n| [`vanilla-ts`](./examples/vanilla-ts) | TypeScript + Vite | Minimal browser example, no framework |\n\nTo run an example:\n\n```bash\ncd examples/react\nnpm install\nnpm run dev\n```\n\n---\n\n## Project Structure\n\n```\ntenxyte-js/\n├── packages/\n│   ├── core/          # @tenxyte/core — framework-agnostic SDK\n│   │   ├── src/\n│   │   │   ├── client.ts          # TenxyteClient entry point\n│   │   │   ├── http/              # HTTP client, interceptors\n│   │   │   ├── modules/           # auth, security, rbac, user, b2b, ai, ...\n│   │   │   ├── storage/           # LocalStorageAdapter, MemoryStorage\n│   │   │   └── types/             # OpenAPI-generated types\n│   │   └── tests/\n│   ├── react/         # @tenxyte/react — React hooks + TenxyteProvider\n│   │   └── src/\n│   │       ├── context.tsx        # React context\n│   │       ├── provider.tsx       # TenxyteProvider + state sync\n│   │       └── hooks.ts           # useAuth, useUser, useOrganization, useRbac\n│   └── vue/           # @tenxyte/vue — Vue composables + plugin\n│       └── src/\n│           ├── plugin.ts          # tenxytePlugin + injection key\n│           └── composables.ts     # useAuth, useUser, useOrganization, useRbac\n├── examples/\n│   ├── node-express/  # Express server example\n│   ├── react/         # React SPA example\n│   ├── vue/           # Vue SPA example\n│   └── vanilla-ts/    # Vanilla TypeScript example\n└── .github/workflows/\n    ├── ci.yml         # Lint, test, build on every push/PR\n    └── publish.yml    # Publish to npm on tag push\n```\n\n---\n\n## Development\n\n```bash\ngit clone https://github.com/tenxyte/tenxyte-js.git\ncd tenxyte-js\n\n# Core\ncd packages/core\nnpm install\nnpm run test           # Vitest — unit + integration tests\nnpm run lint           # ESLint\nnpm run typecheck      # tsc --noEmit\nnpm run build          # tsup → dist/\n\n# React\ncd packages/react\nnpm install\nnpm run typecheck\nnpm run build\n\n# Vue\ncd packages/vue\nnpm install\nnpm run typecheck\nnpm run build\n```\n\n### CI Pipeline\n\nEvery push to `main` and every PR triggers the [CI workflow](./.github/workflows/ci.yml):\n\n1. **Core** — lint → typecheck → test → build\n2. **React** — typecheck → build (depends on Core)\n3. **Vue** — typecheck → build (depends on Core)\n\n### Publishing\n\nPackages are published independently to npm via tag-based [publish workflow](./.github/workflows/publish.yml):\n\n```bash\ngit tag v-tenxyte-core-0.9.2 \u0026\u0026 git push --tags     # publishes @tenxyte/core\ngit tag v-tenxyte-react-0.5.1 \u0026\u0026 git push --tags     # publishes @tenxyte/react\ngit tag v-tenxyte-vue-0.5.1 \u0026\u0026 git push --tags       # publishes @tenxyte/vue\n```\n\n---\n\n## Compatibility\n\n| Runtime | Support |\n|---|---|\n| **Node.js** | 18+ (LTS recommended) |\n| **Browsers** | All modern browsers (Chrome, Firefox, Safari, Edge) |\n| **React** | 18.x, 19.x |\n| **Vue** | 3.3+ |\n| **TypeScript** | 5.0+ (types included, no `@types` needed) |\n\n---\n\n## Contributing\n\nContributions are welcome! A few simple rules:\n\n1. Open an issue before a major feature request.\n2. Fork → branch `feature/xxx` → PR with tests.\n3. Ensure `npm run check` passes in `packages/core` before submitting.\n\n---\n\n## License\n\nMIT — see [LICENSE](./LICENSE).\n\n## Support\n\n- 📖 [Core SDK Documentation](./packages/core/README.md)\n- ⚛️ [React Bindings Documentation](./packages/react/README.md)\n- 💚 [Vue Bindings Documentation](./packages/vue/README.md)\n- 🐛 [Issue Tracker](https://github.com/tenxyte/tenxyte-js/issues)\n- 💬 [Discussions](https://github.com/tenxyte/tenxyte-js/discussions)\n\n## Changelog\n\n### v0.10.0\n\n- **Cookie mode** — `cookieMode` config option for HttpOnly refresh token transport\n- **PKCE** — `code_verifier` parameter for social OAuth2 (RFC 7636)\n- **Expanded error codes** — 30+ new `TenxyteErrorCode` entries (`MISSING_REFRESH_TOKEN`, `INVALID_REDIRECT_URI`, `PASSWORD_BREACHED`, etc.)\n- **Optional `refresh_token`** — `TokenPair.refresh_token` is now optional (absent in cookie mode)\n- **Optional params** — `logout()` and `refreshToken()` no longer require a refresh token argument in cookie mode\n\nSee [`@tenxyte/core` CHANGELOG](./packages/core/CHANGELOG.md) for full details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftenxyte%2Ftenxyte-js","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftenxyte%2Ftenxyte-js","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftenxyte%2Ftenxyte-js/lists"}