Interface IdentityContextValue

Value provided by IdentityProvider to all child components.

Access this via useIdentity() or the convenience hooks useUser(), useAuthState(), and useAuthActions().

interface IdentityContextValue {
    authClient: HiyveAuth;
    clearError: () => void;
    createMCPToken: (
        params?: {
            expiresIn?: string;
            ipRestriction?: string[];
            name?: string;
            permissions?: string[];
        },
    ) => Promise<{ rawToken: string; token: MCPToken }>;
    createOAuthClient: (
        params: {
            clientName: string;
            redirectUris: string[];
            scopes?: string[];
        },
    ) => Promise<
        { client: OAuthClient; clientId: string; clientSecret: string },
    >;
    deleteOAuthClient: (clientId: string) => Promise<{ message: string }>;
    error: Error | null;
    isAuthenticated: boolean;
    isLoading: boolean;
    listMCPTokens: () => Promise<MCPToken[]>;
    listOAuthClients: () => Promise<OAuthClient[]>;
    listTrustedDevices: () => Promise<TrustedDevice[]>;
    login: (email: string, password: string) => Promise<void>;
    logout: () => Promise<void>;
    refreshUser: () => Promise<void>;
    register: (
        email: string,
        password: string,
        name?: string,
        metadata?: Record<string, unknown>,
    ) => Promise<void>;
    requestPasswordReset: (email: string) => Promise<{ message: string }>;
    resendOtp: () => Promise<{ expiresIn: number; message: string }>;
    resendVerification: (email: string) => Promise<{ message: string }>;
    resetPassword: (
        token: string,
        password: string,
    ) => Promise<{ message: string }>;
    revokeAllTrustedDevices: () => Promise<{ count: number; message: string }>;
    revokeMCPToken: (tokenId: string) => Promise<{ message: string }>;
    revokeTrustedDevice: (deviceId: string) => Promise<{ message: string }>;
    status: AuthStatus;
    tfaEvent: TfaRequiredEvent | null;
    tfaRequired: boolean;
    user: AuthUser | null;
    verifyEmail: (token: string) => Promise<{ message: string }>;
    verifyTfa: (code: string, type?: string) => Promise<void>;
}

Properties

authClient

authClient: HiyveAuth

The underlying HiyveAuth client instance for advanced use cases

clearError

clearError: () => void

Clear the current error state

createMCPToken

createMCPToken: (
    params?: {
        expiresIn?: string;
        ipRestriction?: string[];
        name?: string;
        permissions?: string[];
    },
) => Promise<{ rawToken: string; token: MCPToken }>

Create a new MCP token. The raw token is only returned once.

createOAuthClient

createOAuthClient: (
    params: {
        clientName: string;
        redirectUris: string[];
        scopes?: string[];
    },
) => Promise<
    { client: OAuthClient; clientId: string; clientSecret: string },
>

deleteOAuthClient

deleteOAuthClient: (clientId: string) => Promise<{ message: string }>

Delete (soft-delete) an OAuth client by its ID.

error

error: Error | null

Most recent error from any auth operation, or null

isAuthenticated

isAuthenticated: boolean

true when the user has a valid session

isLoading

isLoading: boolean

true during the initial auth check on mount

listMCPTokens

listMCPTokens: () => Promise<MCPToken[]>

List all MCP tokens for the current user.

listOAuthClients

listOAuthClients: () => Promise<OAuthClient[]>

List all OAuth clients for the current user.

listTrustedDevices

listTrustedDevices: () => Promise<TrustedDevice[]>

List all trusted devices for the current user.

Authenticate with email and password. Throws on failure.

logout

logout: () => Promise<void>

End the current session and clear tokens.

refreshUser

refreshUser: () => Promise<void>

Re-fetch the current user profile from the server.

register

register: (
    email: string,
    password: string,
    name?: string,
    metadata?: Record<string, unknown>,
) => Promise<void>

Create a new account. Throws on failure.

requestPasswordReset

requestPasswordReset: (email: string) => Promise<{ message: string }>

Request a password reset email for the given address.

resendOtp

resendOtp: () => Promise<{ expiresIn: number; message: string }>

Resend the TFA one-time code. Returns the new expiry.

resendVerification

resendVerification: (email: string) => Promise<{ message: string }>

Resend the verification email.

resetPassword

resetPassword: (token: string, password: string) => Promise<{ message: string }>

Set a new password using a reset token from email.

revokeAllTrustedDevices

revokeAllTrustedDevices: () => Promise<{ count: number; message: string }>

Revoke all trusted devices. Returns the count of revoked devices.

revokeMCPToken

revokeMCPToken: (tokenId: string) => Promise<{ message: string }>

Revoke an MCP token by its ID.

revokeTrustedDevice

revokeTrustedDevice: (deviceId: string) => Promise<{ message: string }>

Revoke trust for a specific device by its ID.

status

status: AuthStatus

Current authentication lifecycle status

tfaEvent

tfaEvent: TfaRequiredEvent | null

TFA challenge details when tfaRequired is true

tfaRequired

tfaRequired: boolean

true when the last login attempt requires TFA verification

user

user: AuthUser | null

Authenticated user profile, or null when not logged in

verifyEmail

verifyEmail: (token: string) => Promise<{ message: string }>

Verify an email address using the token from the verification email.

verifyTfa

verifyTfa: (code: string, type?: string) => Promise<void>

Submit a TFA verification code after login triggers TFA.

Interface IdentityContextValue

Index

Properties

Properties

authClient

clearError

createMCPToken

createOAuthClient

deleteOAuthClient

error

isAuthenticated

isLoading

listMCPTokens

listOAuthClients

listTrustedDevices

logout

refreshUser

register

requestPasswordReset

resendOtp

resendVerification

resetPassword

revokeAllTrustedDevices

revokeMCPToken

revokeTrustedDevice

status

tfaEvent

tfaRequired

user

verifyEmail

verifyTfa

Settings

On This Page