linxio-js

Authentication

Login, session hydration, token refresh, OTP, and safe credential handling.

POST

Login

/loginlinxio.auth.login(payload)

Authenticates an API user and stores the returned session in the client instance. Future SDK requests automatically include the bearer token.

Method parameters

email
string
required
Email address for the Linxio API or dashboard user.
password
string
required
Password for the user. Load it from a secret store or environment variable.
domain
string
optional
Optional tenant or hosted-domain hint. Most API integrations can omit it.

Returns

data.token
string
optional
JWT bearer token used for authenticated API requests.
data.refreshToken
string
optional
Refresh token used by the SDK when a request receives a recoverable 401 response.
data.expireAt
string
optional
Token expiry timestamp returned by Linxio when available.
data.otpRequired
boolean
optional
Whether Linxio requires an OTP challenge before the session can be used.
error
LinxioError | null
optional
Typed SDK error. Null when authentication succeeds.

Session Hydration

Hydrate a client

createClient(options)

Use this when you persist sessions yourself and want a new process to resume without calling auth.login() again. Pass previously stored tokens directly into createClient.

Options

token
string
optional
JWT bearer token to use for authenticated requests.
refreshToken
string
optional
Refresh token used for automatic token recovery on 401 responses.
timeoutMs
number
optional
Per-request timeout in milliseconds.
Default: 30000
retry
{ retries?: number; delayMs?: number }
optional
Retry policy for idempotent requests that fail with transient network or 5xx errors.

Automatic Refresh

When a request receives 401 and a refresh token is available, the SDK calls /token/refresh, updates the in-memory session, and retries the original request once. Concurrent refreshes are coalesced — several simultaneous 401 responses only trigger one refresh request.

OTP

POST

Verify OTP

/login/otplinxio.auth.verifyOtp(payload)

Completes an OTP challenge for accounts where Linxio requires a one-time code after the initial login. Linxio's integration notes recommend disabling OTP for machine users to avoid this step.

Method parameters

email
string
required
Email address for the Linxio user completing the OTP challenge.
code
string
required
One-time code delivered by Linxio to the user's registered device.

Secrets

Do not commit credentials. Prefer environment variables, a secret manager, or your deployment platform's encrypted environment configuration.

Recommended credential pattern
const linxio = createClient();

await linxio.auth.login({
  email: process.env.LINXIO_EMAIL!,    // from env, not source
  password: process.env.LINXIO_PASSWORD!, // from env, not source
});

Getting Started

Install linxio-js and make your first authenticated Linxio request.

SDK Reference

TypeScript client options, result contracts, service pages, and shared SDK conventions.

On this page

Session HydrationAutomatic RefreshOTPSecrets