The xkit Developer Hub

Welcome to the xkit developer hub. You'll find comprehensive guides and documentation to help you start working with xkit as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Authenticating Users as Contexts

Getting tokens for your users to access Xkit

In order for Xkit to be able to manage the authorization process with 3rd party apps (e.g. the OAuth process), we need to know who the user is and that they have been authorized by you to create connections.

We do this through Xkit Context Tokens, tokens that you create that authenticate the user with Xkit in a particular context, our term for any grouping that is meaningful to your app as a way to organize user connections.

For example, if your app requires that each user have their own connection to an app, the context would be an individual user. If, on the other hand, your app requires that there is one connection to an app that is shared by an entire company, the context would the the company.

You create a Context (and an accompanying token) by calling the Create Context API with an active API Key.

The only data you need to provide is an external_id - an identifier that uniquely identifies the context in your systems. For example, if the context is a user, this would be a User ID, or if it's a company, it would be the Company ID.

You can optionally provide an external_name, a friendly name for you and your stuff to recognize the context, like a Company name or a user's email address.

A simple example using Node.js with an ExpressJS server follows, but it should be similar in any language.

Create a context

When your authenticated user needs to access Xkit on the front-end (e.g. to create a connection to a 3rd party service), call the Create Context endpoint to create (or update) a context and retrieve a Context Token to identify the user to Xkit.

import axios from 'axios'


app.post('/xkit-token', async (req, res) => {
  if (!req.user) {
    throw new Error('No user is logged in')
  const { access_token } = await axios({
    baseUrl: 'https://app.xkit.co/api/platform',
    method: 'post',
    url: '/context',
    auth: {
      username: XKIT_PUBLISHABLE_KEY,
      password: XKIT_SECRET_KEY
    data: {
      // Using the current user as the context
      context: {
        external_id: req.user.id,
        // Optional Frindly Name
        external_name: req.user.email
  res.json({ token: access_token })

Authenticate with Xkit

Once your front-end has the Xkit Context Token, you can authenticate using xkit.js.

import axios from 'axios'
import createXkit from '@xkit-co/xkit.js`

const xkit = createXkit('<your-slug>.xkit.co')

xkit.login(async () => {
  const { token } = await axios({
    method: 'post',
    url: '/xkit-token'

  return token

Updated 24 days ago

Authenticating Users as Contexts

Getting tokens for your users to access Xkit

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.