Overview

authfort-client is a TypeScript SDK for browsers and mobile apps. It handles the entire token lifecycle — login, refresh, 401 retry, and auth state management — so you don’t have to.

What It Does

• Token refresh — automatically refreshes before expiry
• 401 retry — if a request gets 401, refreshes the token and retries once
• Deduplication — multiple concurrent 401s share a single refresh call
• Auth state — reactive state management with callbacks
• Framework integrations — React, Vue, and Svelte hooks included

Install

npm yarn pnpm bun

npm install authfort-client

npm install authfort-client

yarn add authfort-client

yarn add authfort-client

pnpm add authfort-client

pnpm add authfort-client

bun add authfort-client

bun add authfort-client

Quick Start

import { createAuthClient } from 'authfort-client';

const auth = createAuthClient({
  baseUrl: '/auth',
  tokenMode: 'cookie',
});

await auth.initialize();
await auth.signIn({ email: 'user@example.com', password: 'secret' });

// Authenticated requests — handles tokens automatically
const res = await auth.fetch('/api/profile');
const data = await res.json();

import { createAuthClient } from 'authfort-client';

const auth = createAuthClient({
  baseUrl: '/auth',
  tokenMode: 'cookie',
});

await auth.initialize();
await auth.signIn({ email: 'user@example.com', password: 'secret' });

// Authenticated requests — handles tokens automatically
const res = await auth.fetch('/api/profile');
const data = await res.json();

Token Modes

Mode	How Tokens Are Sent	Storage	Best For
cookie	HttpOnly cookies (automatic)	Browser handles it	Web apps
bearer	Authorization: Bearer header	TokenStorage adapter	Mobile, desktop, non-browser

In cookie mode, auth.fetch() adds credentials: 'include' and the browser sends cookies automatically. In bearer mode, auth.fetch() reads the access token from memory and adds the Authorization header.