Skip to main content
Skip to main content

AuthResource

This class is used to send requests to Store Auth API Routes. All its method are available in the JS Client under the medusa.auth property.

The methods in this class allows you to manage a customer's session, such as login or log out. You can send authenticated requests for a customer either using the Cookie header or using the JWT Token. When you log the customer in using the authenticate method, the JS client will automatically attach the cookie header in all subsequent requests.

Related Guide: How to implement customer profiles in your storefront.

Methods

authenticate

Authenticate a customer using their email and password. If the customer is authenticated successfully, the cookie is automatically attached to subsequent requests sent with the JS Client.

Example

import Medusa from "@medusajs/medusa-js"
const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
medusa.auth.authenticate({
email: "user@example.com",
password: "user@example.com"
})
.then(({ customer }) => {
console.log(customer.id);
})

Parameters

payloadStorePostAuthReqRequired
The credentials of the customer to authenticate.
customHeadersRecord<string, any>Required
Custom headers to attach to the request.

Default: {}

Returns

ResponsePromiseResponsePromise<StoreAuthRes>Required
Resolves to the customer's details.

deleteSession

Log out the customer and remove their authentication session. This method requires authentication.

Example

import Medusa from "@medusajs/medusa-js"
const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
medusa.auth.deleteSession()
.then(() => {
// customer logged out successfully
})

Parameters

customHeadersRecord<string, any>Required
Custom headers to attach to the request.

Default: {}

Returns

ResponsePromiseResponsePromise<void>Required
Resolves when customer is logged out successfully.

getSession

Retrieve the details of the logged-in customer. Can also be used to check if there is an authenticated customer. This method requires authentication.

Example

import Medusa from "@medusajs/medusa-js"
const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
// must be previously logged
medusa.auth.getSession()
.then(({ customer }) => {
console.log(customer.id);
})

Parameters

customHeadersRecord<string, any>Required
Custom headers to attach to the request.

Default: {}

Returns

ResponsePromiseResponsePromise<StoreAuthRes>Required
Resolves to the customer's details.

exists

Check if the email is already used by another registered customer. Can be used to validate a new customer's email.

Example

import Medusa from "@medusajs/medusa-js"
const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
medusa.auth.exists("user@example.com")

Parameters

emailstringRequired
The email to check.
customHeadersRecord<string, any>Required
Custom headers to attach to the request.

Default: {}

Returns

ResponsePromiseResponsePromise<StoreGetAuthEmailRes>Required
Resolves to the result of the check.

getToken

Authenticate the customer and retrieve a JWT token to use for subsequent authenticated requests.

Example

import Medusa from "@medusajs/medusa-js"
const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
medusa.auth.getToken({
email: 'user@example.com',
password: 'supersecret'
})
.then(({ access_token }) => {
console.log(access_token);
})

Parameters

payloadStorePostAuthReqRequired
The credentials of the customer to authenticate.
customHeadersRecord<string, any>Required
Custom headers to attach to the request.

Default: {}

Returns

ResponsePromiseResponsePromise<StoreBearerAuthRes>Required
Resolves to the access token of the customer, if they're authenticated successfully.
Was this section helpful?