Skip to Content
Admin ConsoleDeveloper Tools

Developer Tools

The Developer section of the Auris Console provides a suite of tools for building, testing, and debugging integrations with Auris. These tools are designed to reduce the time between “I want to integrate Auris” and “authentication is working in my application.”

Access the Developer Hub at ConsoleDeveloperHub.

Developer Hub Overview

The Developer Hub is a landing page with six cards linking to each developer tool:

ToolIconDescription
API ExplorerGlobeBrowse and test all Auris API endpoints
Token DecoderKeyDecode and inspect JWT tokens
SandboxTerminalTest API calls against your tenant
QuickstartsRocketInteractive setup wizard for your application
CLI ToolTerminalCommand-line interface reference
SDK OverviewPackageFeature comparison across all SDK packages

Additionally, the Developer Docs page provides inline reference guides with code blocks for common integration tasks.

API Explorer

The API Explorer provides a browsable reference of all Auris API endpoints, organized into 9 sections. Access it at ConsoleDeveloperAPI Explorer.

API Sections

SectionEndpointsDescription
AuthLogin, signup, token exchange, refresh, logout, MFA verification, magic link, social loginCore authentication flows
UsersCRUD, search, enable/disable, metadata, sessions, 2FA managementUser lifecycle management
RolesCRUD, permission assignment, role-based permission checksRBAC configuration
OrganizationsCRUD, members, invitations, SSO connectionsB2B multi-org management
FGAModels, tuples, check, expand, list-objectsFine-Grained Authorization
AppsApplication CRUD, secret rotation, custom claims, M2M tokensApplication configuration
WebhooksCRUD, test, delivery history, secret rotationOutbound webhook management
OIDCDiscovery document, JWKS, authorize, userinfoOpenID Connect standard endpoints
SCIMUsers, Groups, ServiceProviderConfig, Schemas, BulkSCIM 2.0 provisioning

Using the API Explorer

Each section expands to show individual endpoints with:

  • HTTP method and path (for example, POST /api/auth/token)
  • Request parameters: Query parameters, path parameters, and request body schema
  • Response format: Example success and error response bodies
  • Authentication requirement: Which endpoints require a Bearer token and which are public

The API Explorer is a reference tool — it shows the request and response format but does not execute API calls. Use the Sandbox for live testing.

Token Decoder

The Token Decoder allows you to paste any JWT and see its decoded contents. Access it at ConsoleDeveloperToken Decoder.

How to Use It

Paste a JWT

Copy an access token, ID token, or any other JWT and paste it into the text area.

View decoded output

The decoder splits the JWT into its three parts and displays them:

Header:

{ "alg": "RS256", "kid": "key-id-1", "typ": "JWT" }

Payload:

{ "sub": "usr_abc123", "iss": "https://auth.yourcompany.com", "aud": "your-client-id", "iat": 1739880000, "exp": 1739880900, "email": "[email protected]", "roles": ["editor"], "acr": "urn:auris:acr:mfa", "amr": ["pwd", "otp"] }

Check token validity

The decoder displays:

  • Expiry status: Whether the token is still valid or has expired (comparing exp to the current time)
  • Issued time: Human-readable “issued at” time
  • Time remaining: For valid tokens, how long until expiry

Common Use Cases

  • Debugging claims: Verify that custom claims, roles, and scopes are present in the token
  • Checking expiry: Determine if a 401 error is caused by an expired token
  • Verifying ACR/AMR: Confirm that step-up authentication claims are included after MFA
  • Inspecting M2M tokens: Check type: "m2m" and scope claims for client credentials tokens
  • Validating DPoP: Check for cnf.jkt claim in DPoP-bound tokens

The Token Decoder decodes the JWT payload without verifying the signature. This is intentional — it is a debugging tool. In production, always verify signatures using the JWKS endpoint. See Tokens Explained for verification guidance.

Sandbox

The Sandbox provides a live API testing environment connected to your tenant. Access it at ConsoleDeveloperSandbox.

How It Works

The Sandbox pre-fills authentication headers with your current admin session token and the x-tenant header with your tenant ID. You can:

  1. Select an API endpoint from the dropdown (organized by the same 9 sections as the API Explorer)
  2. Fill in request parameters (path params, query params, body)
  3. Click Send to execute the request against the live Auris API
  4. View the response status code, headers, and body

Pre-Filled Context

FieldValueSource
Base URLYour Auris API URLFrom tenant configuration
AuthorizationBearer {your-admin-token}From your current Console session
x-tenantYour tenant slugFrom your current Console session

This means you can immediately test endpoints without manually constructing headers.

Example: Testing a Permission Check

  1. Select POST /api/roles/check from the endpoint dropdown
  2. Enter the request body:
{ "userId": "usr_abc123", "permission": "view:invoices", "applicationId": "app_xyz789" }
  1. Click Send
  2. View the response:
{ "ok": true, "data": { "allowed": true, "source": "role_permission", "role": "editor" } }

Quickstarts

The Quickstarts wizard provides step-by-step instructions for integrating Auris into your application. Access it at ConsoleDeveloperQuickstarts.

Interactive Setup Wizard

The wizard walks through three steps:

Select your application

Choose an existing application from your tenant, or click Create Application to register a new one. The wizard needs an application to pre-fill the clientId and domain in code snippets.

Select your framework

Choose your development framework. Each framework card shows the corresponding SDK package:

FrameworkSDK PackageDescription
JavaScript@auris/jsVanilla JavaScript (browser or Node.js)
React@auris/reactReact provider + hooks
Next.js@auris/nextjsServer helpers + Edge middleware
PHPauris/sdkComposer package for PHP applications
WordPressauris-ssoWordPress SSO plugin
Laravelauris/sdkPHP SDK with Laravel-specific guidance

Follow the code snippets

The wizard displays framework-specific code with your application’s clientId and domain pre-filled:

Installation:

npm install @auris/react

Provider setup:

import { AurisProvider } from '@auris/react' function App({ children }) { return ( <AurisProvider domain="auth.yourcompany.com" clientId="your-actual-client-id" > {children} </AurisProvider> ) }

Login button:

import { useAuris } from '@auris/react' function LoginButton() { const { loginWithRedirect, isAuthenticated, user } = useAuris() if (isAuthenticated) { return <p>Welcome, {user.name}</p> } return <button onClick={() => loginWithRedirect()}>Sign In</button> }

Advanced Topics

Below the main 3-step wizard, the Quickstarts page includes an Advanced Topics section with code snippets for:

TopicDescription
M2M AuthenticationClient credentials token exchange
Permissions (JS)Check permissions with @auris/js
Permissions (React)usePermissions and PermissionGate
Permissions (Next.js)requirePermission and checkPermission server helpers
FGA ChecksFine-Grained Authorization tuple checks
Management APIServer-side user/role/org management via M2M
Webhook VerificationHMAC-SHA256 signature verification
JWT VerificationLocal token verification using JWKS

Each topic includes a working code example with your application’s credentials pre-filled.

CLI Tool

The CLI Tool reference page documents the auris command-line interface for managing your tenant from a terminal. Access the reference at ConsoleDeveloperCLI.

Available Commands

CommandDescription
auris initInitialize a project with Auris configuration
auris loginAuthenticate with your Auris tenant
auris users listList users in the tenant
auris users createCreate a new user
auris roles listList roles
auris roles createCreate a new role
auris orgs listList organizations
auris apps listList applications
auris logs tailStream audit logs in real time
auris actions listList Actions Engine rules
auris fga checkRun an FGA check from the command line
auris importImport users from CSV/JSON
auris exportExport users to CSV/JSON

Installation

npm install -g @auris/cli

Authentication

The CLI uses the same OAuth2 flow as the Console. Running auris login opens a browser window for authentication and stores the token locally.

SDK Overview

The SDK Overview page compares features across the three SDK packages. Access it at ConsoleDeveloperSDKs.

Feature Comparison

Feature@auris/js@auris/react@auris/nextjs
OAuth2 + PKCE loginYesYesYes
Magic link loginYesYesYes
Social loginYesYesYes
Token managementYesYesYes
Auto-refreshYesYesYes
Permission checksYesYes (hooks)Yes (server)
FGA checksYesYes (hooks)Yes (server)
Management API (M2M)YesNoYes (server)
Webhook verificationYesNoNo
JWT local verificationYesNoYes
React ProviderNoYesYes
React hooksNoYesYes
Server helpersNoNoYes
Edge middlewareNoNoYes
PermissionGate componentNoYesYes
AuthGuard componentNoYesYes

Package Details

PackageDependenciesBundle SizeEnvironments
@auris/jsZero dependencies~8 KB gzippedBrowser, Node.js, Edge
@auris/reactDepends on @auris/js~12 KB gzippedBrowser (React 18+)
@auris/nextjsDepends on @auris/react~15 KB gzippedBrowser + Server + Edge (Next.js 13+)

Developer Docs

The Developer Docs page provides inline reference guides organized into collapsible sections. Access it at ConsoleDeveloperDocs.

Guide Sections

SectionTopics Covered
Getting StartedInstallation, basic setup, first login
AuthenticationLogin methods, token handling, logout, session management
AuthorizationRBAC permission checks, FGA integration, custom claims
WebhooksSetting up endpoints, signature verification, event types
Server-SideM2M tokens, management API, server-side rendering
OIDCDiscovery document, JWKS, standard endpoints

Each section includes:

  • Concise explanatory text
  • Code blocks with syntax highlighting
  • Copy buttons on all code blocks
  • Quick links to the full documentation for deeper reading

The Developer Docs page is designed as a quick reference that stays within the Console, avoiding context switches to external documentation for common tasks.