@shared/core holds the small set of TypeScript types shared across every NEAR Auth SDK and provider. It defines the contract each provider implements, the shapes returned by login and signature flows, and a handful of network constants.
@shared/core is an internal package — it is bundled into the published SDKs and providers, not installed on its own. You don’t need it for a normal integration. It’s documented here because these types are the seam you build against when you write a custom provider, or when you want precise types over the values the SDKs hand back.IFastAuthProvider
Every provider — JavascriptProvider, ReactNativeProvider, or one you write yourself — implements this interface. The browser SDK and React SDK accept any IFastAuthProvider, so conforming to it is all a custom provider needs to plug into the rest of the stack.
| Method | Returns | Description |
|---|---|---|
login(...args) | Promise<LoginResponse> | Authenticate the user and return their deterministic identifier. |
logout(...args) | Promise<void> | Clear the current session. |
isLoggedIn() | Promise<boolean> | Whether a user is currently authenticated. |
requestTransactionSignature(...args) | Promise<RequestTransactionSignatureResponse> | Ask the identity provider to authorize signing a transaction, embedding the encoded payload in the JWT. |
requestDelegateActionSignature(...args) | Promise<RequestDelegateActionSignatureResponse> | Same as above for a delegate action (gasless / meta-transaction). |
getSignatureRequest() | Promise<GetSignatureRequestResponse> | Retrieve the pending SignatureRequest and its user after a signature flow completes. |
getPath() | Promise<string> | Return the MPC derivation path for the current identity, of the form {guardId}#{userSubject}. |
Response types
The provider methods resolve to a few thin shapes.User is the primitive they all build on.
User
The deterministic identifier for an authenticated identity. The same login always resolves to the same userId, which is what lets NEAR Auth derive a stable NEAR key per user.
LoginResponse, RequestTransactionSignatureResponse, RequestDelegateActionSignatureResponse
Each of these is an alias of User — login and both signature-request flows resolve to the identity they acted on.
GetSignatureRequestResponse
Returned by getSignatureRequest(). Pairs the authenticated User with the SignatureRequest the provider prepared for the on-chain FastAuth.sign call.
SignatureRequest
The data the SDK feeds into the NEAR Auth contract’s sign method. Its fields map directly onto the contract’s sign(guard_id, verify_payload, sign_payload, algorithm) arguments.
The guard identifier — which JWT guard verifies this request on-chain (for the Auth0 flow, the Auth0 guard).
The payload to verify — typically the JWT issued by the identity provider, which the guard RS256-verifies before any signature is produced.
The bytes to sign — the encoded transaction or delegate action.
The signing algorithm the MPC network should use. Optional; defaults are resolved downstream.
Constants & unions
MPCContractAlgorithm
The signing algorithms the MPC contract supports.
This is the on-chain / MPC-facing algorithm union. The SDK-facing signer key type in the browser SDK uses
"secp256k1" | "ed25519" for public keys — they describe different layers, so don’t mix them up.FastAuthNetwork
The two supported NEAR networks. Providers and SDKs take this to select endpoints and defaults.
FAST_AUTH_AUTH0_DEFAULTS
Per-network Auth0 defaults, keyed by FastAuthNetwork. Providers fall back to these when you don’t pass an explicit domain or signingAudience.
FastAuthAuth0NetworkDefaults:
| Field | Type | Description |
|---|---|---|
domain | string | The Auth0 tenant domain used for authentication. |
audience | string | The Auth0 API audience. |
signingAudience | string | The audience embedded in signing JWTs — the Auth0 guard account that must appear in the token’s aud claim. |
Building a custom provider
Because the SDKs depend only onIFastAuthProvider, you can implement your own provider — wrapping a different identity source or auth flow — and pass it straight into FastAuthClient or FastAuthProvider.
Next steps
SDK overview
How the SDKs, providers, and core types fit together.
JavaScript provider
The reference
IFastAuthProvider implementation for web.Browser SDK
FastAuthClient and FastAuthSigner, built on these types.How it works
Where a
SignatureRequest goes once it leaves the SDK.