Developer Tools
The Developer section of the Auris Console provides a suite of tools for building, testing, and debugging integrations with Auris. These tools are designed to reduce the time between “I want to integrate Auris” and “authentication is working in my application.”
Access the Developer Hub at Console → Developer → Hub.
Developer Hub Overview
The Developer Hub is a landing page with six cards linking to each developer tool:
| Tool | Icon | Description |
|---|---|---|
| API Explorer | Globe | Browse and test all Auris API endpoints |
| Token Decoder | Key | Decode and inspect JWT tokens |
| Sandbox | Terminal | Test API calls against your tenant |
| Quickstarts | Rocket | Interactive setup wizard for your application |
| CLI Tool | Terminal | Command-line interface reference |
| SDK Overview | Package | Feature comparison across all SDK packages |
Additionally, the Developer Docs page provides inline reference guides with code blocks for common integration tasks.
API Explorer
The API Explorer provides a browsable reference of all Auris API endpoints, organized into 9 sections. Access it at Console → Developer → API Explorer.
API Sections
| Section | Endpoints | Description |
|---|---|---|
| Auth | Login, signup, token exchange, refresh, logout, MFA verification, magic link, social login | Core authentication flows |
| Users | CRUD, search, enable/disable, metadata, sessions, 2FA management | User lifecycle management |
| Roles | CRUD, permission assignment, role-based permission checks | RBAC configuration |
| Organizations | CRUD, members, invitations, SSO connections | B2B multi-org management |
| FGA | Models, tuples, check, expand, list-objects | Fine-Grained Authorization |
| Apps | Application CRUD, secret rotation, custom claims, M2M tokens | Application configuration |
| Webhooks | CRUD, test, delivery history, secret rotation | Outbound webhook management |
| OIDC | Discovery document, JWKS, authorize, userinfo | OpenID Connect standard endpoints |
| SCIM | Users, Groups, ServiceProviderConfig, Schemas, Bulk | SCIM 2.0 provisioning |
Using the API Explorer
Each section expands to show individual endpoints with:
- HTTP method and path (for example,
POST /api/auth/token) - Request parameters: Query parameters, path parameters, and request body schema
- Response format: Example success and error response bodies
- Authentication requirement: Which endpoints require a Bearer token and which are public
The API Explorer is a reference tool — it shows the request and response format but does not execute API calls. Use the Sandbox for live testing.
Token Decoder
The Token Decoder allows you to paste any JWT and see its decoded contents. Access it at Console → Developer → Token Decoder.
How to Use It
Paste a JWT
Copy an access token, ID token, or any other JWT and paste it into the text area.
View decoded output
The decoder splits the JWT into its three parts and displays them:
Header:
{
"alg": "RS256",
"kid": "key-id-1",
"typ": "JWT"
}Payload:
{
"sub": "usr_abc123",
"iss": "https://auth.yourcompany.com",
"aud": "your-client-id",
"iat": 1739880000,
"exp": 1739880900,
"email": "[email protected]",
"roles": ["editor"],
"acr": "urn:auris:acr:mfa",
"amr": ["pwd", "otp"]
}Check token validity
The decoder displays:
- Expiry status: Whether the token is still valid or has expired (comparing
expto the current time) - Issued time: Human-readable “issued at” time
- Time remaining: For valid tokens, how long until expiry
Common Use Cases
- Debugging claims: Verify that custom claims, roles, and scopes are present in the token
- Checking expiry: Determine if a
401error is caused by an expired token - Verifying ACR/AMR: Confirm that step-up authentication claims are included after MFA
- Inspecting M2M tokens: Check
type: "m2m"and scope claims for client credentials tokens - Validating DPoP: Check for
cnf.jktclaim in DPoP-bound tokens
The Token Decoder decodes the JWT payload without verifying the signature. This is intentional — it is a debugging tool. In production, always verify signatures using the JWKS endpoint. See Tokens Explained for verification guidance.
Sandbox
The Sandbox provides a live API testing environment connected to your tenant. Access it at Console → Developer → Sandbox.
How It Works
The Sandbox pre-fills authentication headers with your current admin session token and the x-tenant header with your tenant ID. You can:
- Select an API endpoint from the dropdown (organized by the same 9 sections as the API Explorer)
- Fill in request parameters (path params, query params, body)
- Click Send to execute the request against the live Auris API
- View the response status code, headers, and body
Pre-Filled Context
| Field | Value | Source |
|---|---|---|
| Base URL | Your Auris API URL | From tenant configuration |
| Authorization | Bearer {your-admin-token} | From your current Console session |
| x-tenant | Your tenant slug | From your current Console session |
This means you can immediately test endpoints without manually constructing headers.
Example: Testing a Permission Check
- Select
POST /api/roles/checkfrom the endpoint dropdown - Enter the request body:
{
"userId": "usr_abc123",
"permission": "view:invoices",
"applicationId": "app_xyz789"
}- Click Send
- View the response:
{
"ok": true,
"data": {
"allowed": true,
"source": "role_permission",
"role": "editor"
}
}Quickstarts
The Quickstarts wizard provides step-by-step instructions for integrating Auris into your application. Access it at Console → Developer → Quickstarts.
Interactive Setup Wizard
The wizard walks through three steps:
Select your application
Choose an existing application from your tenant, or click Create Application to register a new one. The wizard needs an application to pre-fill the clientId and domain in code snippets.
Select your framework
Choose your development framework. Each framework card shows the corresponding SDK package:
| Framework | SDK Package | Description |
|---|---|---|
| JavaScript | @auris/js | Vanilla JavaScript (browser or Node.js) |
| React | @auris/react | React provider + hooks |
| Next.js | @auris/nextjs | Server helpers + Edge middleware |
| PHP | auris/sdk | Composer package for PHP applications |
| WordPress | auris-sso | WordPress SSO plugin |
| Laravel | auris/sdk | PHP SDK with Laravel-specific guidance |
Follow the code snippets
The wizard displays framework-specific code with your application’s clientId and domain pre-filled:
Installation:
npm install @auris/reactProvider setup:
import { AurisProvider } from '@auris/react'
function App({ children }) {
return (
<AurisProvider
domain="auth.yourcompany.com"
clientId="your-actual-client-id"
>
{children}
</AurisProvider>
)
}Login button:
import { useAuris } from '@auris/react'
function LoginButton() {
const { loginWithRedirect, isAuthenticated, user } = useAuris()
if (isAuthenticated) {
return <p>Welcome, {user.name}</p>
}
return <button onClick={() => loginWithRedirect()}>Sign In</button>
}Advanced Topics
Below the main 3-step wizard, the Quickstarts page includes an Advanced Topics section with code snippets for:
| Topic | Description |
|---|---|
| M2M Authentication | Client credentials token exchange |
| Permissions (JS) | Check permissions with @auris/js |
| Permissions (React) | usePermissions and PermissionGate |
| Permissions (Next.js) | requirePermission and checkPermission server helpers |
| FGA Checks | Fine-Grained Authorization tuple checks |
| Management API | Server-side user/role/org management via M2M |
| Webhook Verification | HMAC-SHA256 signature verification |
| JWT Verification | Local token verification using JWKS |
Each topic includes a working code example with your application’s credentials pre-filled.
CLI Tool
The CLI Tool reference page documents the auris command-line interface for managing your tenant from a terminal. Access the reference at Console → Developer → CLI.
Available Commands
| Command | Description |
|---|---|
auris init | Initialize a project with Auris configuration |
auris login | Authenticate with your Auris tenant |
auris users list | List users in the tenant |
auris users create | Create a new user |
auris roles list | List roles |
auris roles create | Create a new role |
auris orgs list | List organizations |
auris apps list | List applications |
auris logs tail | Stream audit logs in real time |
auris actions list | List Actions Engine rules |
auris fga check | Run an FGA check from the command line |
auris import | Import users from CSV/JSON |
auris export | Export users to CSV/JSON |
Installation
npm install -g @auris/cliAuthentication
The CLI uses the same OAuth2 flow as the Console. Running auris login opens a browser window for authentication and stores the token locally.
SDK Overview
The SDK Overview page compares features across the three SDK packages. Access it at Console → Developer → SDKs.
Feature Comparison
| Feature | @auris/js | @auris/react | @auris/nextjs |
|---|---|---|---|
| OAuth2 + PKCE login | Yes | Yes | Yes |
| Magic link login | Yes | Yes | Yes |
| Social login | Yes | Yes | Yes |
| Token management | Yes | Yes | Yes |
| Auto-refresh | Yes | Yes | Yes |
| Permission checks | Yes | Yes (hooks) | Yes (server) |
| FGA checks | Yes | Yes (hooks) | Yes (server) |
| Management API (M2M) | Yes | No | Yes (server) |
| Webhook verification | Yes | No | No |
| JWT local verification | Yes | No | Yes |
| React Provider | No | Yes | Yes |
| React hooks | No | Yes | Yes |
| Server helpers | No | No | Yes |
| Edge middleware | No | No | Yes |
PermissionGate component | No | Yes | Yes |
AuthGuard component | No | Yes | Yes |
Package Details
| Package | Dependencies | Bundle Size | Environments |
|---|---|---|---|
@auris/js | Zero dependencies | ~8 KB gzipped | Browser, Node.js, Edge |
@auris/react | Depends on @auris/js | ~12 KB gzipped | Browser (React 18+) |
@auris/nextjs | Depends on @auris/react | ~15 KB gzipped | Browser + Server + Edge (Next.js 13+) |
Developer Docs
The Developer Docs page provides inline reference guides organized into collapsible sections. Access it at Console → Developer → Docs.
Guide Sections
| Section | Topics Covered |
|---|---|
| Getting Started | Installation, basic setup, first login |
| Authentication | Login methods, token handling, logout, session management |
| Authorization | RBAC permission checks, FGA integration, custom claims |
| Webhooks | Setting up endpoints, signature verification, event types |
| Server-Side | M2M tokens, management API, server-side rendering |
| OIDC | Discovery document, JWKS, standard endpoints |
Each section includes:
- Concise explanatory text
- Code blocks with syntax highlighting
- Copy buttons on all code blocks
- Quick links to the full documentation for deeper reading
The Developer Docs page is designed as a quick reference that stays within the Console, avoiding context switches to external documentation for common tasks.
Related Guides
- SDKs — Full SDK documentation
- API Reference — Complete API endpoint documentation
- Applications — Configure applications used in Quickstarts
- Quickstarts Tutorial — Full getting-started walkthrough