@orangecheck/auth-client / OcAccount
Interface: OcAccount
Defined in: types.ts:26
Properties
| Property | Type | Description | Defined in |
|---|---|---|---|
<a id="property-accountid"></a> accountId | string | - | types.ts:27 |
<a id="property-didoc"></a> didOc | string | Opaque public-facing identifier · did:oc:<32-hex>. The sole user identifier post auth-refactor. Stable across linking events. Per AUTH-REFACTOR-PLAN.md §2.1. | types.ts:33 |
<a id="property-displayidentity"></a> displayIdentity | DisplayIdentity | The identity the user has chosen to show as their account-badge label — { kind, value }. Always populated: when the user has never promoted an identity (and on sessions minted before the feature shipped) this is { kind:'did', value:didOc }. <OcAccountMenu> renders value (shortened) as the collapsed badge label. Integrators rendering their own chip read this directly; change it with useOcSession().setDisplayIdentity(). | types.ts:99 |
<a id="property-displayname"></a> displayName? | string | null | - | types.ts:48 |
<a id="property-hasemail"></a> hasEmail? | boolean | True when the user has a primary email linked. Plaintext is fetchable on demand via /api/auth/identities; not surfaced here. | types.ts:47 |
<a id="property-homefederation"></a> homeFederation? | string | null | Slug of the federation this user is bound to (their "home" federation). Multi-federation routing reads this; null/undefined means "not yet bound — fall back to the directory default at /api/federations". v1 has one live federation, so this is set on first signin and rarely changes. | types.ts:57 |
<a id="property-isowner"></a> isOwner? | boolean | Best-effort owner-flag · true when the user's did_oc was on the auth host's OWNER_OC_ADDRESSES env at the time the JWT was minted. Surfaced so the family-switcher and other low- stakes UX can render owner-only affordances (e.g. an analytics.ochk.io entry visible only to owners). NOT A SECURITY BOUNDARY. Sensitive surfaces — including analytics.ochk.io itself — re-check the live env against session.did_oc server-side on every request. If an owner is removed from the env, their JWT may keep isOwner: true for up to the JWT lifetime (~30d) but every gated action they attempt re-fails. The flag exists purely so we can show or hide UX hints without an extra round-trip on every page load. Treat absence as false. | types.ts:88 |
<a id="property-nostrnpub"></a> nostrNpub? | string | null | - | types.ts:49 |
<a id="property-primarybtc"></a> primaryBtc? | string | null | Primary linked Bitcoin address, plaintext, when the user has one — null for email-OTP users until they link a btc address. Surfaced inline by the auth host's /api/auth/me so consumer dashboards can render the user's own footprint without a second round-trip through /api/auth/identities. | types.ts:41 |
<a id="property-signingmethod"></a> signingMethod? | "bip322" | "fedimint_threshold" | "fedimint_client" | null | Where this user is on the custody-state graph: - 'fedimint_threshold' — federation custody (OC-introduced) - 'fedimint_client' — federation custody (user-picked) - 'bip322' — full self-custody Graduation is the product thesis. Treat undefined as 'fedimint_threshold' for did:email: addresses and 'bip322' for Bitcoin addresses (the default-by-construction mapping for tokens minted before this field shipped). | types.ts:70 |