Configuration
SladeIDConfig
| Field | Type | Default | Notes |
|---|---|---|---|
middlewareUrl | string | required | Base URL of the Slade ID backend service. |
auth | SladeIDAuth | required | Keycloak auth strategy — see Authentication and below. |
integratorId | string | optional | Tenant id; sent as X-Integrator-Id on orchestrator dispatch. Required with keycloakClientCredentials. |
fetchImpl | typeof fetch | globalThis.fetch | For Node test harnesses. |
timeoutMs | number | 15000 | Per network call. |
SladeIDAuth
How the SDK obtains its Keycloak bearer. See Authentication for the full flow and a reference backend broker.
type SladeIDAuth =
// Recommended for embedded / browser use. Your backend mints the token
// (see Authentication); the SDK calls getToken() on first use and again
// after a 401 to refresh. The secret never reaches the browser.
| { type: 'tokenProvider'; getToken: () => Promise<string> }
// Server / kiosk only — BROWSER-UNSAFE (embeds a client secret). The SDK
// runs the client_credentials exchange itself.
| {
type: 'keycloakClientCredentials';
clientId: string;
clientSecret: string;
issuerUrl?: string; // default: SIL identity issuer
realm?: string; // default: 'slade360'
audience?: string; // default: 'biometrics-middleware'
scope?: string;
};