@orangecheck/auth-core / signSession

Function: signSession()

function signSession(
   claims: {
  did_oc: string;
  display_identity?: DisplayIdentity | null;
  home_federation?: string | null;
  jti: string;
  merged_from?: string[];
  name?: string | null;
  npub?: string | null;
  signing_method?: "fedimint_threshold" | "fedimint_client" | "bip322" | null;
  step_up_at?: number;
  sub: string;
  sudo_at?: number;
}, 
   cfg: SignConfig, 
ttlSeconds: number): Promise<string>;

Defined in: index.ts:325

Mint a fresh oc_session JWT. Only called on the auth host (the only place that holds the private key).

The caller owns persisting jti to a revocation list if they want revocation semantics — auth-core is deliberately stateless.

Parameters

Parameter	Type
`claims`	{ `did_oc`: `string`; `display_identity?`: `DisplayIdentity` \| `null`; `home_federation?`: `string` \| `null`; `jti`: `string`; `merged_from?`: `string`[]; `name?`: `string` \| `null`; `npub?`: `string` \| `null`; `signing_method?`: `"fedimint_threshold"` \| `"fedimint_client"` \| `"bip322"` \| `null`; `step_up_at?`: `number`; `sub`: `string`; `sudo_at?`: `number`; }
`claims.did_oc`	`string`
`claims.display_identity?`	`DisplayIdentity` \| `null`
`claims.home_federation?`	`string` \| `null`
`claims.jti`	`string`
`claims.merged_from?`	`string`[]
`claims.name?`	`string` \| `null`
`claims.npub?`	`string` \| `null`
`claims.signing_method?`	`"fedimint_threshold"` \| `"fedimint_client"` \| `"bip322"` \| `null`
`claims.step_up_at?`	`number`
`claims.sub`	`string`
`claims.sudo_at?`	`number`
`cfg`	`SignConfig`
`ttlSeconds`	`number`

Returns

Promise<string>