Quickstart

Ce contenu n’est pas encore disponible dans votre langue.

Four steps from zero to a signed-in user. The whole thing should take about ten minutes.

1. Create an organization

Sign up at the Kiavi management dashboard and create an organization. The org is the billing and team-membership boundary, apps live inside it.

2. Register your app

Add an application in the dashboard. Pick a slug (used in the auth server URL like yourapp.kiavi.eu), configure allowed redirect URLs, and choose which identity providers to enable.

For mobile apps, register a separate client ending in -native (for example yourapp-native). The native SDK derives its deep-link redirect URI from this suffix.

3. Install an SDK

Pick the SDK that matches where your code runs. Each one ships its own complete reference , this page only shows the minimum.

Web (React, Vue, Svelte, plain JS):

pnpm add @kiavi/kiavi-browser

React Native (Expo or bare RN):

pnpm add @kiavi/kiavi-react-native expo-auth-session expo-secure-store expo-crypto

Server (Node, Bun, Deno, edge runtimes):

pnpm add @kiavi/kiavi-js

After installing, run the package’s init command to drop the version-pinned integration guide into your repo so Cursor, Claude Code, and similar agents can read it:

npx kiavi-browser init        # for the browser SDK
npx kiavi-react-native init   # for the React Native SDK
npx kiavi-js init             # for the server SDK

Each command writes to .kiavi/<package>.md and adds a reference block to AGENTS.md (or CLAUDE.md). Re-run on upgrade. See AI agent docs for the full picture.

4. Wire up authentication

The SDKs all follow the same shape: construct one client, ensure a session at app entry, attach the access token to outgoing API calls.

Web

import { KiaviClient } from '@kiavi/kiavi-browser'

export const auth = new KiaviClient('https://auth.your-domain.com')

// At app entry / route guard:
const session = await auth.authenticate()

// On every API call:
const token = await auth.getAccessToken()
fetch('/api/things', { headers: { Authorization: `Bearer ${token}` } })

React Native

import { KiaviClient } from '@kiavi/kiavi-react-native'

export const kiavi = new KiaviClient({
  authBaseUrl: 'https://auth.your-domain.com',
  clientId: 'yourapp-native',
})

// From a sign-in button:
await kiavi.authenticate()

// On every API call:
const token = await kiavi.getAccessToken()
fetch('https://api.yourapp.com/me', {
  headers: { Authorization: `Bearer ${token}` },
})

Server

import { KiaviClient } from '@kiavi/kiavi-js'

const kiavi = new KiaviClient('https://auth.your-domain.com', 'my-api-audience')

// In your request handler:
const token = request.headers.get('authorization')?.replace(/^Bearer /i, '') ?? ''
const user = await kiavi.verifyToken(token)
if (!user) return new Response('Unauthorized', { status: 401 })

How Kiavi works, the trust model, the two server modes, and how silent refresh is handled.
@kiavi/kiavi-browser reference, every method, option, and exported type for the web SDK.
@kiavi/kiavi-react-native reference, secure storage, deep-link callbacks, and bare-RN notes.
@kiavi/kiavi-js reference, verifyToken vs verifySession trade-offs.