What is @kittl/sdk-backend?
@kittl/sdk-backend is the server-side companion to @kittl/sdk. Use it on your app backend to handle Kittl-specific auth and integration tasks that should not run in the sandboxed app frame.
It exposes helpers through:
KittlSDKfor verifying short-lived Kittl user JWTs fromkittl.auth.getUserToken()SigningKeyCachefor optional external storage of signing keys across restarts and cold startsTokenInvalidErrorandTokenInvalidErrorCodefor verification failures
Add @kittl/sdk-backend to your server
pnpm add @kittl/sdk-backend
import { KittlSDK, TokenInvalidError } from '@kittl/sdk-backend';
Typical flow
When your app calls its own backend:
- In the app frontend, call
kittl.auth.getUserToken()to get a short-lived JWT for the current Kittl-authenticated user. - Send that token to your backend with the request you want to authorize.
- On your backend, verify the token with
KittlSDKbefore handling the request.
const kittlBackend = new KittlSDK({
appId: process.env.KITTL_APP_ID!,
});
const payload = await kittlBackend.verifyUserToken(token);
// payload.sub is a pseudonymous per-app user ID
Reference
- Token verifier —
KittlSDK, error codes, and options
Notes
- This package is for app backends only; browser code should use
@kittl/sdk. - Pass your Kittl app ID as
appId— it is used as the JWT audience. - When in-memory caching does not persist between requests (for example on edge, serverless, or autoscaling runtimes), pass a
signingKeyCacheadapter — see Token verifier. - Declare OAuth and auth flows in your app manifest as needed; see Authentication.