Introduction

Name: OneEntry SDK
Author: OneEntry

User authentication and registration made easy.

More information about the module's user interface https://doc.oneentry.cloud/docs/users/auth_provider

🎯 What does this module do?

The AuthProvider module handles everything related to user authentication — signing up, logging in, password changes, email/SMS activation codes, OAuth, and keeping the session alive with access and refresh tokens. The SDK supports multiple authentication providers (login + password and OAuth).

🚀 Quickstart

Initialize the module from defineOneEntry:


const { AuthProvider } = defineOneEntry(
  "your-project-url", {
    "token": "your-app-token"
  }
);

Authenticate a user against the email provider and read the returned tokens:

// Authenticate against the "email" auth provider.
const result = await AuthProvider.auth("email", {
  authData: [
    { marker: "login", value: "example@oneentry.cloud" },
    { marker: "password", value: "12345" },
  ],
});

// On success the SDK stores the tokens automatically.
console.log(result.accessToken, result.refreshToken);

The first argument is always the provider marker (e.g. "email"). After a successful auth(), the SDK keeps the tokens and refreshes them for you.

✨ Key Concepts

Feature	What It Does	Example Use
User Registration	Create new user accounts	Sign up form
Login / Logout	Authenticate users	Login page
Password Management	Change & recover passwords	Forgot password flow
Token Management	Keep users logged in securely	Auto-refresh sessions
Email / SMS / Push verification	Send activation codes	Verify account after signup
OAuth	Social login (Google, etc.)	"Sign in with Google"

Authentication flow

1. User enters email + password
   ↓
2. auth() is called with the provider marker
   ↓
3. OneEntry verifies credentials and returns access + refresh tokens
   ↓
4. The SDK stores the tokens and sends the access token with requests
   ↓
5. When the access token expires, the SDK uses the refresh token automatically

📋 What You Need to Know

Authentication providers

OneEntry supports different ways to authenticate, each identified by a marker:

Email (email) - traditional login + password
OAuth - Google, Facebook, etc.

Activation codes can be delivered over different channels (email, SMS, or push) via the notificationData object you pass to signUp() — phoneSMS and phonePush are delivery channels for those codes, not standalone login providers.

Tokens

A successful auth() returns two tokens:

Access Token - short-lived, sent with API requests. Its lifetime is configured in the admin panel.
Refresh Token - long-lived, used to obtain new access tokens.

The SDK stores and refreshes tokens for you. To persist a session across reloads, configure saveFunction (see the FAQ below).

Form fields

When registering users you send form data entries with:

marker - field name (e.g. email_reg, password_reg, last_name)
type - data type (e.g. string, image)
value - the actual value

📊 Quick Reference Table - Common Methods

Method	What It Does
activateUser()	User activation with a service code.
auth()	Authenticate a user.
changePassword()	User password change.
checkCode()	Check the user activation code.
generateCode()	Get a code to activate the user.
getActiveSessionsByMarker()	Get active user sessions.
getAuthProviderByMarker()	Get one auth provider object by marker.
getAuthProviders()	Get all auth provider objects.
logout() 🔐	Log out of the current account.
logoutAll() 🔐	Log out on all devices.
oauth()	Register / authenticate via OAuth.
refresh()	Refresh user tokens.
signUp()	User registration.

🔐 marks methods that require an authorized user session.

❓ Common Questions (FAQ)

Do I need to manage tokens manually?

No. The SDK stores tokens, refreshes expired ones, and sends the access token with each request automatically.

How do I keep users logged in after page refresh?

Configure the SDK with saveFunction:

const { AuthProvider } = defineOneEntry("your-url", {
  token: "your-token",
  auth: {
    refreshToken: localStorage.getItem('refreshToken'),
    saveFunction: (token) => localStorage.setItem('refreshToken', token)
  }
});

login - can be email OR username (whatever your auth provider accepts)
email - always an email address

Yes. Set up OAuth providers in OneEntry admin, then use the oauth() method.

What happens when the access token expires?

The SDK automatically uses the refresh token to obtain a new access token, so users stay logged in.

🎓 Best Practices

Always pass the provider marker as the first argument (e.g. "email").
Persist the refresh token with saveFunction so sessions survive reloads.
Wrap auth calls in try/catch and inspect the returned error object.
Use logout() / logoutAll() to invalidate sessions on the server, not just client-side.

Users Module - Manage user profiles and data
Forms Module - Create registration/login forms
FormData Module - Handle form submissions

🎯 What does this module do?​

🚀 Quickstart​

✨ Key Concepts​

Authentication flow​

📋 What You Need to Know​

Authentication providers​

Tokens​

Form fields​

📊 Quick Reference Table - Common Methods​

❓ Common Questions (FAQ)​

Do I need to manage tokens manually?​

How do I keep users logged in after page refresh?​

What's the difference between login and email?​

Can I use social login (Google, Facebook)?​

What happens when the access token expires?​

🎓 Best Practices​

🔗 Related Documentation​