@orangecheck/auth-client / OcSignInProps
Interface: OcSignInProps
Defined in: signin.tsx:42
Properties
| Property | Type | Description | Defined in |
|---|---|---|---|
<a id="property-add"></a> add? | boolean | Multi-account · when true, the sign-in is performed in "add" mode: the resulting session is appended to the browser's existing roster instead of replacing it. The previously-active account stays signed in and remains a switch target on the auth host. Off by default (back-compat). The component also reads ?add=1 from the URL search params and treats it the same — so the auth host's /signin?add=1 entry point Just Works without any extra prop. The add flag is forwarded as a body field to the host's /api/auth/signin and /api/auth/email-otp/verify; if the host hasn't deployed the multi-account migration yet it silently ignores the field and the call falls back to ordinary signin. | signin.tsx:119 |
<a id="property-audience"></a> audience | string | Consumer-site audience URL passed as expectedAudience on the BIP-322 challenge. e.g. 'https://vault.ochk.io'. Required — the challenge nonce is bound to this audience. | signin.tsx:48 |
<a id="property-authorigin"></a> authOrigin? | string | Override the auth host. Defaults to 'https://ochk.io'. For preview / dev / staging only. | signin.tsx:82 |
<a id="property-classname"></a> className? | string | className for the outer container. | signin.tsx:121 |
<a id="property-initialpath"></a> initialPath? | "wallet" | "email" | Initial visible tab on mobile. Defaults to 'wallet'. On desktop both paths render side-by-side and this is ignored. | signin.tsx:87 |
<a id="property-linkprompt"></a> linkPrompt? | boolean | Whether to show the "also link my other identity" checkbox on the sign-in form. On by default. The checkbox is optional and unchecked by default; it is shown on both the wallet and email paths. If the user ticks it, the complementary identity's link ceremony (BIP-322 for a wallet, OTP for an email) runs inline immediately after a successful sign-in — before onSuccess / returnTo, so it composes with custom routing — because the sign-in just proved one credential and the link ceremony proves the second. Pass linkPrompt={false} to omit the checkbox. | signin.tsx:104 |
<a id="property-onsuccess"></a> onSuccess? | (account: OcAccount, token?: string) => void | Override the default hard-navigation behavior. When provided, called with the account and the session JWT. The component will NOT navigate — the caller is responsible. Use for custom post-signin routing — e.g. /popup/signin postMessages { account, token } to its opener so a cross-domain integrator (different eTLD+1 from .ochk.io, which the HttpOnly cookie can't reach) can verify the session via JWKS. | signin.tsx:64 |
<a id="property-paths"></a> paths? | { email?: boolean; wallet?: boolean; } | Disable one of the two paths. Default is both enabled. Useful for B2B-only sites that don't want to expose email-OTP. | signin.tsx:92 |
paths.email? | boolean | - | signin.tsx:92 |
paths.wallet? | boolean | - | signin.tsx:92 |
<a id="property-resolvereturnto"></a> resolveReturnTo? | (account: OcAccount) => string | Promise<string> | Async post-success routing. When provided (and onSuccess is not), the component awaits resolveReturnTo(account) and hard-navigates to the result instead of the static returnTo. This is the seam that lets a site keep persona-aware routing without forking the ceremony — e.g. me.ochk.io resolves /api/me/intent and routes to /me/developer | /me/operator |
<a id="property-returnto"></a> returnTo? | string | Where to navigate after success. Defaults to '/'. Open-redirect-safe: same-origin paths only (must start with /, NOT //). Absolute URLs are ignored. | signin.tsx:54 |