Skip to main content
The Crossmint Server SDK provides a comprehensive set of tools for authenticating users in server-side rendered (SSR) applications. It simplifies the process of handling authentication tokens and managing user sessions, making it easier to integrate authentication into your Next.js, Express, or other Node.js applications.

Installation

Install the SDK using npm or yarn: 
npm install @crossmint/server-sdk

Quick Start

1

Initialize the SDK

Import and create a Crossmint instance with your API key:
import { createCrossmint, CrossmintAuth } from "@crossmint/server-sdk";

const crossmint = createCrossmint({
    apiKey: process.env.SERVER_CROSSMINT_API_KEY || "",
});

const crossmintAuth = CrossmintAuth.from(crossmint);
2

Authenticate users

Use the getSession method to retrieve user session information:
import { cookies } from "next/headers";

const cookieStore = cookies();
const jwtCookie = cookieStore.get("crossmint-session")?.value;
const refreshCookie = cookieStore.get("crossmint-refresh-token")?.value;

const { jwt, userId } = await crossmintAuth.getSession({
    jwt: jwtCookie,
    refreshToken: refreshCookie,
});
3

Store authentication in cookies

For frameworks with access to the response object, store authentication material in cookies:
const { jwt, userId } = await crossmintAuth.getSession(request, response);

Key Features

Automatic Token Refresh

The SDK automatically validates and refreshes JWT tokens when they expire, ensuring seamless user sessions. Store authentication material in secure, HttpOnly cookies with customizable options for maximum security.

Framework Agnostic

Works with any server-side JavaScript framework including Next.js, Express, Fastify, and more.

User Management

Retrieve user information and manage authentication state across your application.

Core Classes and Methods

CrossmintAuth

The main class for handling authentication operations:
  • getSession() - Retrieve and validate user sessions
  • logout() - Clear authentication state
  • handleCustomRefresh() - Handle token refresh requests
  • getUser() - Retrieve user information by external user ID
  • verifyCrossmintJwt() - Verify JWT tokens
Source: CrossmintAuthServer.ts:30

Next Steps

Authentication

Learn how to authenticate users and manage sessions

Session Management

Handle session validation and token refresh

Custom Refresh Routes

Set up custom refresh routes for enhanced security

Build docs developers (and LLMs) love

Get started for freeTalk to us