API Reference
Complete reference for the @qumra/app-sdk package exports, constants, and types.
Constants
| Constant | Value | Description |
|---|---|---|
AUTH_URL | https://api.qumra.cloud/v1/apps/auth/token | OAuth token exchange endpoint |
GRAPHQL_URL | https://api.qumra.cloud/graphql | GraphQL API endpoint |
DEFAULT_TIMEOUT_MS | 30000 | Default request timeout in milliseconds |
Complete Exports
The full list of exports available from @qumra/app-sdk:
// Default export
import QumraClient from "@qumra/app-sdk";
// Named exports
import {
// Core
fetchQuery,
// Authentication
createAdminGraphQL,
// Security
verifyJwt,
verifyRequestHmac,
verifyActionHmac,
// Validation
validateNotBot,
validateIframeRequest,
// Constants
AUTH_URL,
GRAPHQL_URL,
// Errors
QumraError,
QumraAuthError,
QumraFetchError,
QumraValidationError,
// Types
type Session,
type SessionStorage,
type JwtPayload,
type AdminGraphQLClient,
type AdminContext,
type AdminGetAuthResult,
type AdminPostAuthResult,
type AdminAuthData,
type FetchRequestOptions,
type HttpMethod,
type ActionHmacVerificationResult,
type QumraClientOptions,
} from "@qumra/app-sdk";
Core
| Export | Description |
|---|---|
QumraClient | Default export. Main SDK client class for initializing app authentication and API access. |
fetchQuery | Low-level function for making authenticated GraphQL requests to the Qumra API. |
Authentication
| Export | Description |
|---|---|
createAdminGraphQL | Creates an authenticated GraphQL client for making admin API calls. |
Security
| Export | Description |
|---|---|
verifyJwt | Verifies a JWT token and returns the decoded payload, or null if invalid. |
verifyRequestHmac | Verifies the HMAC signature of a request's query string parameters. |
verifyActionHmac | Verifies the HMAC signature of webhook request headers. |
Validation
| Export | Description |
|---|---|
validateNotBot | Validates that a request is not from a bot by checking headers and User-Agent patterns. |
validateIframeRequest | Validates that a request originates from a valid iframe context within the Qumra admin. |
Error Classes
| Export | Description |
|---|---|
QumraError | Base error class for all SDK errors. Contains a code property. |
QumraAuthError | Thrown when authentication fails. Code: "AUTH_ERROR". |
QumraFetchError | Thrown when an API request fails. Includes status, statusText, and responseBody. |
QumraValidationError | Thrown when request validation fails. Code: "VALIDATION_ERROR". |
Types
| Type | Description |
|---|---|
Session | Represents a user session with store and authentication data. |
SessionStorage | Interface for session persistence (create, read, update, delete). |
JwtPayload | Decoded JWT token payload with standard and custom claims. |
AdminGraphQLClient | Typed GraphQL client for making admin API requests. |
AdminContext | Context object returned by authenticate.admin() with admin, session, and metadata. |
AdminGetAuthResult | Result type for GET-based authentication flows. |
AdminPostAuthResult | Result type for POST-based authentication flows (webhooks). |
AdminAuthData | Combined authentication data including tokens and store information. |
FetchRequestOptions | Options for configuring fetchQuery requests (headers, timeout, etc.). |
HttpMethod | Union type of supported HTTP methods ("GET", "POST", "PUT", "DELETE", etc.). |
ActionHmacVerificationResult | Result object from verifyActionHmac with isValid, topic, store, and more. |
QumraClientOptions | Configuration options for initializing the QumraClient instance. |