React

Quick Start

Integrate Civic Auth into your React application with ease, just wrap your app with the Civic Auth provider and add your Client ID (provided after you sign up). A working example is available in our github examples repo.

import { CivicAuthProvider, UserButton } from "@civic/auth/react";

function App({ children }) {
  return (
    <CivicAuthProvider clientId="YOUR CLIENT ID">
      <UserButton />
      {children}
    </CivicAuthProvider>
  )
}

Usage

The User Button

The Civic Auth SDK comes with a multi-purpose styled component called the UserButton

import { UserButton, CivicAuthProvider } from '@civic/auth/react';

export function TitleBar() {
  return (
    <div className="flex justify-between items-center">
      <h1>My App</h1>
      <UserButton />
    </div>
  );
};

function App({ children }) {
  return (
    <CivicAuthProvider clientId="YOUR CLIENT ID">
      <TitleBar />
    </CivicAuthProvider>
  )
}

This component is context-dependent. If the user is logged in, it will show their profile picture and name. If the user is not logged in, it will show a Log In button.

Getting User Information on the Frontend

Use the Civic Auth SDK to retrieve user information on the frontend.

import { useUser } from '@civic/auth/react';

export function MyComponent() {
  const { user } = useUser();
  
  if (!user) return <div>User not logged in</div>
  
  return <div>Hello { user.name }!</div>
}

We use name as an example here, but you can call any user object property from the user fields schema, as shown below.

Advanced Configuration

Civic Auth is a "low-code" solution, so all configuration takes place via the dashboard. Changes you make there will be updated automatically in your integration without any code changes. The only required parameter you need to provide is the client ID.

The integration provides additional run-time settings and hooks that you can use to customize the library's integration with your own app. If you need any of these, you can add them to the CivicAuthProvider as follows:

<CivicAuthProvider
  clientId="YOUR CLIENT ID"
  ...other configuration
>

See below for the list of all configuration options

Field

Required

Default

Example

Description

clientId

Yes

2cc5633d-2c92-48da-86aa-449634f274b9

The key obtained on signup to auth.civic.com

nonce

1234

A single-use ID used during login, binding a login token with a given client. Needed in advanced authentication processes only

onSignIn

(error?: Error) => {
  if (error) { 
    // handle error
  } else {
    // handle successful login
  }
}

A hook that executes after a sign-in attempt, whether successful or not.

onSignOut

() => {
  // handle signout
}

A hook that executes after a user logs out.

redirectUrl

currentURL

/authenticating

An override for the page that OAuth will redirect to to perform token-exchange. By default Civic will redirect to the current URL and Authentication will be finished by the Civic provider automatically. Only use if you'd like to have some custom display or logic during OAuth token-exchange. The redirect page must have the CivicAuthProvider running in order to finish authentication.

iframeMode

modal

iframeMode={'embedded'}

Set to embedded if you want to embed the login iframe in your app rather than opening the iframe in a modal. See Embedded Login Iframe section below.

displayMode

iFrame

"iframe" | "redirect" | "new_tab"

"iframe": Authentication happens in an embedded window within your current page.

"redirect": Full page navigation to the auth server and back to your site after completion.

"new_tab": Opens auth flow in a new browser tab, returning to original tab after completion.

Display Mode

The display mode indicates where the Civic login UI will be displayed. The following display modes are supported:

iframe (default): the UI loads in an iframe that shows in an overlay on top of the existing page content
redirect: the UI redirects the current URL to a Civic login screen, then redirects back to your site when login is complete
new_tab: the UI opens in a new tab or popup window (depending on browser preferences), and after login is complete, the tab or popup closes to return the user to your site

API

User Context

The full user context object (provided by useUser) looks like this:

{ 
  user: User | null;
  // these are the OAuth tokens created during authentication
  idToken?: string;
  accessToken?: string;
  refreshToken?: string;
  forwardedTokens?: ForwardedTokens;
  // functions and flags for UI and signIn/signOut
  isLoading: boolean;
  error: Error | null;
  signIn: (displayMode?: DisplayMode) => Promise&#x3C;void>;
  signOut: () => Promise&#x3C;void>;
}

User

The User object looks like this:

type BaseUser = {
  id: string;
  email?: string;
  name?: string;
  picture?: string;
  given_name?: string;
  family_name?: string;
  updated_at?: Date;
};

type User<T> = BaseUser & T;

Where you can pass extra user attributes to the object that you know will be present in user claims, e.g.

const UserWithNickName = User<{ nickname: string }>;

Field descriptions:

Base User Fields

Field

The user's unique ID with respect to your app. You can use this to look up the user in the dashboard.

The user's email address

name

The user's full name

given_name

The user's given name

family_name

The user's family name

updated_at

The time at which the user's profile was most recently updated.

Token Fields

Typically developers will not need to interact with the token fields, which are used only for advanced use cases.

Field

idToken

The OIDC id token, used to request identity information about the user

accessToken

The OAuth 2.0 access token, allowing a client to make API calls to Civic Auth on behalf of the user.

refreshToken

The OAuth 2.0 refresh token, allowing a login session to be extended automatically without requiring user interaction. The Civic Auth SDK handles refresh automatically, so you do not need to do this.

forwardedTokens

If the user authenticated using SSO (single-sign-on login) with a federated OAuth provider such as Google, this contains the OIDC and OAuth 2.0 tokens from that provider.

Forwarded Tokens

Use forwardedTokens if you need to make requests to the source provider, such as find out provider-specific information.

An example would be, if a user logged in via Google, using the Google forwarded token to query the Google Groups that the user is a member of.

For example:

const googleAccessToken = user.forwardedTokens?.google?.accessToken;

If you want to have the Login screen open directly on a page without the user having to click on button, you can import the CivicAuthIframeContainer component along with the AuthProvider option iframeMode={"embedded"}

You just need to ensure that the CivicAuthIframeContainer is a child under a CivicAuthProvider

import { CivicAuthIframeContainer } from "@civic/auth/react";


const Login = () => {
  return (
      <div class="login-container">
        <CivicAuthIframeContainer />
      </div>
  );
};

const App = () => {
  return (
      <CivicAuthProvider
        clientId={"YOUR CLIENT ID"}
        iframeMode={"embedded"}
      >
        <Login />
      </CivicAuthProvider>
  );
}

PreviousCivic Auth NextNext.JS

Last updated 14 days ago