HelioRim brand iconHelioRim

API Reference

Complete reference for the HelioRim Client SDK and REST API.

Client SDK

JavaScript/TypeScript SDK for frontend applications with WebAuthn support.

View SDK Reference →

REST API

Server-side API for authentication, user management, and session handling.

View API Reference →

React Hooks Reference

Complete documentation for all 10 React hooks provided by @heliorim/sdk-react:

useAuth

Authentication state management and session handling

usePasskey

Passkey registration and credential management

useRecovery

Account recovery and backup methods

useTrust

Device trust scoring and risk assessment

useLargeBlob

Store encrypted data in passkey credentials

usePRF

Pseudo-random function for client-side encryption

useJWT

JWT token generation and verification

useAdmin

Admin user and tenant management

useAudit

Audit logging and compliance reporting

useCompliance

GDPR/CCPA compliance and data governance

Framework Guides

Step-by-step integration guides for each supported framework:

React

Hooks, providers, and TypeScript setup

Vue 3

Composables and plugin configuration

Angular

Services, directives, and modules

Next.js

App router and server components

Nuxt

Auto-imports and SSR handling

Svelte

Stores and reactive statements

Client SDK Overview

The HelioRim Client SDK provides a simple interface for passkey authentication:

Installation
npm install @heliorim/sdk

Core Methods

auth.register(options)

Register a new user with passkey authentication.

const result = await auth.register({
  email: 'user@example.com',
  displayName: 'John Doe',
  userVerification: 'required'
});
Parameters
  • email - User email
  • displayName - User's display name
  • userVerification - 'required' | 'preferred' | 'discouraged'
Returns
  • success - Boolean
  • user - User object
  • credentialId - Passkey ID

auth.login(options)

Authenticate a user with their passkey.

const result = await auth.login({
  email: 'user@example.com',
  userVerification: 'required'
});
Parameters
  • email - User email
  • userVerification - 'required' | 'preferred' | 'discouraged'
Returns
  • success - Boolean
  • user - User object
  • session - Session data with token

REST API Overview

Base URL: https://api.heliorim.dev

Authentication

All API requests require authentication via API key in the header:

Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Core Endpoints

POST/auth/register/begin

Start the passkey registration process.

{
  "email": "user@example.com",
  "displayName": "John Doe",
  "userVerification": "required"
}
POST/auth/login/begin

Start the passkey authentication process.

{
  "email": "user@example.com",
  "userVerification": "required"
}
GET/auth/session/verify

Verify a session token and get user information.

Authorization: Bearer SESSION_TOKEN

Error Handling

All API errors follow a consistent format:

{
  "error": {
    "code": "CREDENTIAL_NOT_FOUND",
    "message": "No passkey found for this user",
    "details": {
      "email": "user@example.com"
    }
  }
}

Common Error Codes

CodeDescriptionHTTP Status
USER_CANCELLEDUser cancelled the authentication400
CREDENTIAL_NOT_FOUNDNo passkey found for user404
AUTHENTICATOR_NOT_SUPPORTEDDevice doesn't support WebAuthn400
INVALID_SIGNATUREAuthentication signature invalid401
RATE_LIMITEDToo many requests429

Interactive API Explorer

Try out the API endpoints with your own data using our interactive explorer.

Open API Playground