JS SDK quickstart
Use this path when your backend talks directly to the Crittora API at https://api.crittoraapis.com. The published package is @crittora/sdk-js, and new integrations should use CrittoraClient.
What you need
- Node.js 18 or later, or a runtime with a compatible fetch implementation.
- A backend environment that can securely store credentials and bearer tokens.
- Crittora API credentials: apiKey, and optionally accessKey and secretKey for privileged backend use.
- Cognito credentials if you want the SDK to perform login: username and password.
Installation
npm install @crittora/sdk-jsPreferred setup
For new integrations, construct a CrittoraClient with explicit credentials, auth, timeout, and retry behavior.
import { CrittoraClient } from "@crittora/sdk-js";
const client = new CrittoraClient({
baseUrl: "https://api.crittoraapis.com",
credentials: {
apiKey: process.env.CRITTORA_API_KEY!,
accessKey: process.env.CRITTORA_ACCESS_KEY!,
secretKey: process.env.CRITTORA_SECRET_KEY!,
},
auth: {
type: "bearer",
token: process.env.CRITTORA_ID_TOKEN!,
},
timeoutMs: 10_000,
retry: {
maxAttempts: 2,
},
});
const result = await client.encrypt({
data: "sensitive data",
});
console.log(result.encryptedData);Built-in Cognito login
If you want the SDK to perform login and hold the returned tokens, use cognitoAuthProvider.
import { CrittoraClient, cognitoAuthProvider } from "@crittora/sdk-js";
const auth = cognitoAuthProvider({
userPoolId: "us-east-1_Tmljk4Uiw",
clientId: "5cvaao4qgphfp38g433vi5e82u",
});
await auth.login({
username: process.env.CRITTORA_USERNAME!,
password: process.env.CRITTORA_PASSWORD!,
});
const client = new CrittoraClient({
baseUrl: "https://api.crittoraapis.com",
credentials: {
apiKey: process.env.CRITTORA_API_KEY!,
},
auth,
});Legacy compatibility flow
The SDK still exports the legacy Crittora class. Its authenticate(username, password) method returns IdToken, AccessToken, and RefreshToken.
import { Crittora } from "@crittora/sdk-js";
const sdk = new Crittora({
baseUrl: "https://api.crittoraapis.com",
credentials: {
apiKey: process.env.CRITTORA_API_KEY!,
accessKey: process.env.CRITTORA_ACCESS_KEY!,
secretKey: process.env.CRITTORA_SECRET_KEY!,
},
});
const { IdToken, AccessToken, RefreshToken } = await sdk.authenticate(
process.env.CRITTORA_USERNAME!,
process.env.CRITTORA_PASSWORD!,
);
const encrypted = await sdk.encrypt(
IdToken,
"sensitive information to encrypt",
);Direct API example
If you bypass the helper methods and call the API directly, send a bearer token to the direct API host.
const accessToken = "<cognito id token>";
const response = await fetch("https://api.crittoraapis.com/encrypt", {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${accessToken}`,
},
body: JSON.stringify({
data: "sensitive information to encrypt",
}),
});
const result = await response.json();SDK decision guide
| Option | Use when |
|---|---|
| CrittoraClient | Starting a new integration. |
| cognitoAuthProvider | You want the SDK to perform Cognito login for you. |
| Legacy Crittora class | Preserving an existing integration contract. |
Next steps
- Use the endpoint reference pages for payload formats and managed-flow examples.
- Keep token issuance and refresh on the server side only.
- Do not expose accessKey and secretKey in untrusted browser code.
Integration summary
Package: @crittora/sdk-js
Base URL: https://api.crittoraapis.com
Compare flows
Working in another runtime first?
View Direct API overviewView Python SDK quickstart
Need the hosted Cognito path instead?
View Managed API quickstartBack to integration chooser