Auth strategies
bearer, apiKey, basic, cookieSession, oauth2, and the env() and keychain() resolvers.
The signatures for every auth strategy and secret resolver. Each strategy holds the credential and resolves it at call time, so the caller never sees it. The guides under Auth show how to use them.
bearer
Attaches Authorization: Bearer <token>.
import { } from 'stitchapi';apiKey
Sends a secret in a header (x-api-key by default).
import { } from 'stitchapi';basic
Base64-encodes user:pass into Authorization: Basic ….
import { } from 'stitchapi';cookieSession
Logs in once, captures the cookie from Set-Cookie, replays it on each request,
and re-logs in on a status code or a soft 200 wall.
Prop
Type
oauth2
Performs the client_credentials grant, caches the access token, refreshes it
before expiry, and attaches it as Authorization: Bearer ….
Prop
Type
env
Resolves a secret from an environment variable at call time.
import { } from 'stitchapi';keychain
Resolves a secret from ~/.stitch/secrets.json, falling back to the environment.
import { } from 'stitchapi';