Client Libraries and SDKs Overview

Overview#

Client libraries and SDKs will help you quickly integrate your application with FusionAuth. All of our client libraries are open source and hosted on our GitHub account. You can fork and tweak them as well as look over the code to learn how the client libraries work.

SDKs vs Client Libraries#

At FusionAuth, a client library is a thin wrapper over our FusionAuth APIs, and it provides complete coverage over all public FusionAuth API endpoints. A client library is like a set of legos, to be put together by a developer who wants to extend or manipulate FusionAuth to meet their needs.

You can use a client library to manage FusionAuth. For instance, if you wanted to rotate client secrets regularly, you could use a client library to do so.

It can also be used to integrate with a custom application to offer login experiences that are different from those that are offered out of the box. If, in your app, you wanted to prompt someone for a username first, then do a lookup, then offer them a custom password field, then prompt them to enter their favorite color, use a client library to perform these complicated, custom operations.

At FusionAuth, an SDK is an opinionated set of higher level constructs. These focus on a subset of functionality. These are like an assembled lego set.

These let you quickly accomplish the common tasks and are often targeted at developers working on the front end: mobile/React/Vue/Angular/JavaScript developers.

FusionAuth SDKs have:

• A button/function for logging in
• A button/function for logging out
• A button/function to register the user
• A filter/some way to examine roles and limit information displayed to a given role or set of roles
• A way to refresh a token without asking the user to reauthenticate.
• Secure access and refresh token storage

SDKs should require minimal customization to use.

If you want both the easy solutions provided by an SDK and the fine-grained control provided by a client library, you can use an SDK and a client library in the same application.

Languages#

If we are missing a language, open a GitHub Issue as a Feature Request if you don’t see it already listed as an open feature.

• Angular SDK
• Go Client Library
• Java Client Library
• .NET Core Client Library
• OpenAPI Client Library
• PHP Client Library
• Python Client Library
• React SDK
• Ruby Client Library
• Typescript Client Library
• Vue SDK

There are also community contributed client libraries for other languages.

Usage Suggestions#

FusionAuth client libraries are a thin wrapper around the REST API. Client libraries are typically used in two different ways.

First, they can be used to access the FusionAuth APIs in a familiar format, leveraging language features like auto-completion. When used for this, they can be helpful to script FusionAuth configuration, automate common tasks, and create copies of existing applications, groups and more.

To use the client libraries effectively in this way, it is helpful to review the source code of the client library and the API documentation, which contains the JSON structure. The API documentation is very thorough about the JSON objects it expects as part of the payload as well as what parameters are required when.

Second, client libraries can exchange a token to let a user to log in via the Authorization Code Grant. This is a secondary use of these libraries. This process is best done by using a language specific OAuth library, which will work with FusionAuth. Here is a community curated list of such libraries.

Client libraries do not currently provide higher level functionality such as token management. Here is an open issue detailing some requested higher level functionality. Please feel free to file an issue or upvote this one if you desire it.

You can always directly call the REST API if the client library functionality doesn’t work for you. All the client libraries use the REST API.

In general, the request object will either be string parameters or a complex object depending on the type of API call being made. Any request object will be mapped by the library to a JSON object required by the corresponding API method. Examining the API documents for the operations you’re trying to call will therefore be useful, especially if you are using language without static typing.

The response object will typically contain:

• a status corresponding to the HTTP status code returned by the API. It may also be -1 if no HTTP request was successfully made
• a JSON success object if the call succeeded.
• a JSON error object with an intelligible message if the status code is 4xx or 5xx.
• an exception object if there was no HTTP request sent or there was no reasonable response from the server.

Versioning#

FusionAuth represents releases with a version number: <major>.<minor>.<patch>. Major and minor releases can change the API, but patch releases never change the API. Client library version numbers show you which API version a client library was built for.

We strongly recommend using a client library with the same major and minor numbers as your FusionAuth instance version. This ensures that your client library supports the same APIs as your FusionAuth instance.

If you don’t keep your client library in sync with your FusionAuth version:

• you won’t be able to access new API endpoints
• you won’t benefit from client library improvements (e.g. exponential backoff, improved HTTP connections, etc)
• you could experience subtle bugs when existing API endpoints change behavior (e.g. changed argument order in an untyped language)
• if we remove an API endpoint, you could get runtime errors

Patch releases don’t always exist for client libraries since many bugfixes and small changes don’t impact client libraries. FusionAuth only creates patch releases for client libraries when we fix an issue in the library, so always upgrade to the latest patch release for your major and minor version. Patch releases may also update dependencies, language engines, and operating systems, as we follow the deprecation and sunsetting policies of each platform.

Consider a user whose FusionAuth instance runs version 1.61.1. They should:

• use Java client library version 1.61.2, the latest patch release for 1.61.x
• use TypeScript client library version 1.61.0, the latest patch release for 1.61.x

This theoretical user also ought to update their FusionAuth instance to 1.61.2, the latest patch for the major and minor instance version.

Upgrade Policy#

Besides the releases made to keep track of the FusionAuth API as mentioned above, SDKs and Client Libraries may periodically receive updates with bug fixes, security patches, tests, code samples, or documentation changes.

These releases may also update dependencies, language engines, and operating systems, as we’ll follow the deprecation and sunsetting policies of the underlying technologies that the libraries use.

This means that after a language, framework, or operating system is deprecated by their own maintainer, our SDKs and Client Libraries that depend on it will also be deprecated by us, and will eventually be updated to use a newer version.

For more information about upgrades, see our Upgrade guide.