The Stytch Node library makes it easy to use the Stytch user infrastructure API in server-side JavaScript applications.
It pairs well with the Stytch Web SDK or your own custom authentication flow.
npm install stytch
# or
yarn add stytch
You can find your API credentials in the Stytch Dashboard.
This client library supports all of Stytch's live products:
- Email Magic Links
- Embeddable Magic Links
- OAuth logins
- SMS passcodes
- WhatsApp passcodes
- Email passcodes
- Session Management
- WebAuthn (Beta)
- User Management (Beta)
- Time-based one-time passcodes (TOTPs) (Beta)
Create an API client:
const stytch = require("stytch");
// Or as an ES6 module:
// import * as stytch from "stytch";
const client = new stytch.Client({
project_id: "project-live-c60c0abe-c25a-4472-a9ed-320c6667d317",
secret: "secret-live-80JASucyk7z_G8Z-7dVwZVGXL5NT_qGAQ2I=",
env: stytch.envs.test,
});
Send a magic link by email:
client.magicLinks.email
.loginOrCreate({
email: "sandbox@stytch.com",
login_magic_link_url: "https://example.com/authenticate",
signup_magic_link_url: "https://example.com/authenticate",
})
.then((res) => console.log(res))
.catch((err) => console.error(err));
Authenticate the token from the magic link:
client.magicLinks
.authenticate("DOYoip3rvIMMW5lgItikFK-Ak1CfMsgjuiCyI7uuU94=")
.then((res) => console.log(res))
.catch((err) => console.error(err));
Stytch errors always include an error_type
field you can use to identify them:
client.magicLinks
.authenticate("not-a-token!")
.then((res) => console.log(res))
.catch((err) => {
if (err.error_type === "invalid_token") {
console.log("Whoops! Try again?");
}
});
Learn more about errors in the docs.
See example requests and responses for all the endpoints in the Stytch API Reference.
Follow one of the integration guides or start with one of our example apps.
If you've found a bug, open an issue!
If you have questions or want help troubleshooting, join us in Slack or email support@stytch.com.
If you've found a security vulnerability, please follow our responsible disclosure instructions.
See DEVELOPMENT.md
Everyone interacting in the Stytch project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.