Skip to main content

What is @kittl/sdk-backend?

@kittl/sdk-backend is the server-side companion to @kittl/sdk. Use it on your app backend to handle Kittl-specific auth and integration tasks that should not run in the sandboxed app frame.

It exposes helpers through:

  • KittlSDK for verifying short-lived Kittl user JWTs from kittl.auth.getUserToken()
  • SigningKeyCache for optional external storage of signing keys across restarts and cold starts
  • TokenInvalidError and TokenInvalidErrorCode for verification failures

Add @kittl/sdk-backend to your server

pnpm add @kittl/sdk-backend
import { KittlSDK, TokenInvalidError } from '@kittl/sdk-backend';

Typical flow

When your app calls its own backend:

  1. In the app frontend, call kittl.auth.getUserToken() to get a short-lived JWT for the current Kittl-authenticated user.
  2. Send that token to your backend with the request you want to authorize.
  3. On your backend, verify the token with KittlSDK before handling the request.
const kittlBackend = new KittlSDK({
appId: process.env.KITTL_APP_ID!,
});

const payload = await kittlBackend.verifyUserToken(token);
// payload.sub is a pseudonymous per-app user ID

Reference

Notes

  • This package is for app backends only; browser code should use @kittl/sdk.
  • Pass your Kittl app ID as appId — it is used as the JWT audience.
  • When in-memory caching does not persist between requests (for example on edge, serverless, or autoscaling runtimes), pass a signingKeyCache adapter — see Token verifier.
  • Declare OAuth and auth flows in your app manifest as needed; see Authentication.