Represents an instance of a signed in user for a particular app.

A signed in user has access to two major pieces of information about the user, the user's private key for that app and the location of the user's gaia storage bucket for the app.

A user can be signed in either directly through the interactive sign in process or by directly providing the app private key.


  • UserSession


  • Creates a UserSession object


    • Optional options: {
          appConfig?: AppConfig;
          sessionOptions?: SessionOptions;
          sessionStore?: SessionDataStore;
      • Optional appConfig?: AppConfig
      • Optional sessionOptions?: SessionOptions
      • Optional sessionStore?: SessionDataStore

    Returns UserSession


appConfig: AppConfig
store: SessionDataStore


  • Decrypts data encrypted with encryptContent with the transit private key.


    • content: string

      encrypted content.

    • Optional options: {
          privateKey?: string;
      • Optional privateKey?: string

        The hex string of the ECDSA private key to use for decryption. If not provided, will use user's appPrivateKey.

    Returns Promise<string | Uint8Array>

    decrypted content.

  • Encrypts the data provided with the app public key.


    Returns Promise<string>

    Stringified ciphertext object

  • Generates a ECDSA keypair to use as the ephemeral app transit private key and store in the session.

    Returns string

    the hex encoded private key

  • Retrieve the authentication token from the URL query

    Returns string

    the authentication token if it exists otherwise null

  • Try to process any pending sign in request by returning a Promise that resolves to the user data object if the sign in succeeds.


    • authResponseToken: string = ...

      the signed authentication response token

    • fetchFn: FetchFn = ...

    Returns Promise<UserData>

    that resolves to the user data object if successful and rejects if handling the sign in request fails or there was no pending sign in request.

  • Check if there is a authentication request that hasn't been handled.

    Also checks for a protocol echo reply (which if detected then the page will be automatically redirected after this call).

    Returns boolean

    true if there is a pending sign in, otherwise false

  • Check if a user is currently signed in.

    Returns boolean

    true if the user is signed in, false if not.

  • Retrieves the user data object. The user's profile is stored in the key [[Profile]].

    Returns UserData

    User data object.

  • Parameters

    • Rest ...args: [transitKey?: string, redirectURI?: string, manifestURI?: string, scopes?: string[], appDomain?: string, expiresAt: number, extraParams: any]

    Returns string


    makeAuthRequest was renamed to makeAuthRequestToken

  • Generates an authentication request that can be sent to the Blockstack browser for the user to approve sign in. This authentication request can then be used for sign in by passing it to the [[redirectToSignInWithAuthRequest]] method.

    Note: This method should only be used if you want to use a customized authentication flow. Typically, you'd use [[redirectToSignIn]] which is the default sign in method.


    • Optional transitKey: string

      A HEX encoded transit private key.

    • Optional redirectURI: string

      Location to redirect the user to after sign in approval.

    • Optional manifestURI: string

      Location of this app's manifest file.

    • Optional scopes: string[]

      The permissions this app is requesting. The default is store_write.

    • Optional appDomain: string

      The origin of the app.

    • expiresAt: number = ...

      The time at which this request is no longer valid.

    • extraParams: any = {}

      Any extra parameters to pass to the authenticator. Use this to pass options that aren't part of the Blockstack authentication specification, but might be supported by special authenticators.

    Returns string

    the authentication request token

  • Sign the user out and optionally redirect to given location.


    • Optional redirectURL: string

      Location to redirect user to after sign out. Only used in environments with window available

    Returns void

Generated using TypeDoc