SDK REFERENCE
SDK Documentation
Official SDKs for integrating Zalt authentication into your applications. All SDKs are open-source and available on npm/PyPI.
Installation
npm install @zalt/coreCore SDK Examples
Client Setup & Authentication
import { ZaltClient } from '@zalt/core';
const zalt = new ZaltClient({
realmId: process.env.ZALT_REALM_ID!,
secretKey: process.env.ZALT_SECRET_KEY!, // Server-side only
});
// Login
const { accessToken, refreshToken, user } = await zalt.login({
email: 'user@example.com',
password: 'securePassword123',
});
// Verify token
const payload = await zalt.verifyToken(accessToken);
console.log(payload.sub); // User IDWebhook Verification
import { verifyWebhookSignature } from '@zalt/core';
// Express webhook handler
app.post('/webhooks/zalt', (req, res) => {
const signature = req.headers['x-zalt-signature'];
const payload = req.body;
const isValid = verifyWebhookSignature(
payload,
signature,
process.env.ZALT_WEBHOOK_SECRET!
);
if (!isValid) {
return res.status(401).json({ error: 'Invalid signature' });
}
// Handle event
switch (payload.type) {
case 'user.created':
console.log('New user:', payload.data.email);
break;
case 'session.created':
console.log('New session:', payload.data.sessionId);
break;
}
res.json({ received: true });
});MFA Setup
// Setup TOTP MFA
const { secret, qrCode, backupCodes } = await zalt.mfa.setupTOTP(userId);
// Verify TOTP code
const verified = await zalt.mfa.verifyTOTP(userId, '123456');
// Setup WebAuthn (passkeys)
const options = await zalt.mfa.startWebAuthnRegistration(userId);
// ... browser handles credential creation
const credential = await zalt.mfa.completeWebAuthnRegistration(userId, response);Full API Reference
See the complete API documentation with all methods, types, and examples.
View API Reference