To simplify development of your Cord integration, we have server-side libraries for several languages. These make it easier to produce tokens and call our REST API
npm install @cord-sdk/server
All functions generate a JWT with HS512
and an expiration time of 1 minute.
You can get your app ID and secret from the Cord console. Store your secret securely on your servers. Don't share it with anyone, and don't include it in client code.
See our authentication guide for a description of the behavior invoked by including optional parts of the client auth token data.
type PlatformUserVariables = {
email: string;
name?: string;
profile_picture_url?: string;
status?: 'active' | 'deleted';
};
type PlatformOrganizationVariables = {
name: string;
status?: 'active' | 'deleted';
members?: Array<string | number>;
};
type ClientAuthTokenData = {
app_id: string;
user_id: string;
organization_id: string;
user_details?: PlatformUserVariables;
organization_details?: PlatformOrganizationVariables;
};
function getClientAuthToken(app_id: string, app_secret: string, payload: Omit<ClientAuthTokenData, 'app_id'>): string;
All functions generate a JWT with HS512
and an expiration time of 1 minute.
You can get your app ID and secret from the Cord console. Store your secret securely on your servers. Don't share it with anyone, and don't include it in client code.
function getServerAuthToken(app_id: string, app_secret: string): string;
These are customer-level server authentication tokens used to interact only with the Applications API
You can get your customer ID and secret from the Cord console. Store your secret securely on your servers. Don't share it with anyone, and don't include it in client code.
function getApplicationManagementAuthToken(customer_id: string, customer_secret: string): string;