Skip to content

Deployment & Distribution

This guide covers how to package, distribute, and deploy Authrim plugins.

Distribution Methods

MethodTargetCharacteristics
npm packagePublic pluginsVersion management, dependency resolution
Monorepo built-inOfficial pluginsReleased with Authrim
Private npmEnterprise pluginsnpm mechanisms while staying private
Local filesDevelopment/testingMost flexible

npm Package Structure

{
"name": "@your-org/authrim-plugin-example",
"version": "1.0.0",
"description": "Example plugin for Authrim",
"main": "dist/index.js",
"types": "dist/index.d.ts",
"files": [
"dist"
],
"scripts": {
"build": "tsup src/index.ts --format esm,cjs --dts",
"test": "vitest",
"prepublishOnly": "npm run build"
},
"peerDependencies": {
"@authrim/ar-lib-plugin": "^1.0.0",
"zod": "^3.0.0"
},
"devDependencies": {
"@authrim/ar-lib-plugin": "^1.0.0",
"tsup": "^8.0.0",
"typescript": "^5.0.0",
"vitest": "^1.0.0",
"zod": "^3.0.0"
},
"keywords": [
"authrim",
"authrim-plugin",
"authentication",
"notification"
],
"license": "MIT",
"repository": {
"type": "git",
"url": "https://github.com/your-org/authrim-plugin-example"
}
}

Project Structure

authrim-plugin-example/
├── src/
│ ├── index.ts # Plugin export
│ ├── handler.ts # Handler implementation
│ └── config.ts # Configuration schema
├── test/
│ ├── index.test.ts
│ └── handler.test.ts
├── package.json
├── tsconfig.json
├── tsup.config.ts
├── README.md
└── LICENSE

Export Pattern

src/index.ts
export { myPlugin } from './plugin';
export type { MyPluginConfig } from './config';
// Default export for convenience
export { myPlugin as default } from './plugin';

Official Plugin Criteria

ConditionDeterminationTrust Level
Built into ar-lib-plugin/builtin/Officialofficial
npm @authrim/* scopeOfficialofficial
Other sourcesCommunitycommunity

Versioning

Follow Semantic Versioning:

Major.Minor.Patch (e.g., 1.5.2)
│ │ └── Bug fixes (backwards compatible)
│ └────────── New features (backwards compatible)
└────────────────── Breaking changes

Plugin Version in Metadata

export const myPlugin: AuthrimPlugin<Config> = {
id: 'my-plugin',
version: '1.0.0', // Keep in sync with package.json
// ...
};

Compatibility Declaration

Declare Authrim version compatibility in metadata:

meta: {
name: 'My Plugin',
description: '...',
category: 'notification',
// Compatibility
minAuthrimVersion: '1.0.0', // Required minimum
maxAuthrimVersion: '1.999.999', // Optional maximum (usually set on major bump)
}

Compatibility Check Behavior

StateLevelBehavior
Older than minAuthrimVersionWarningLog output, continues
Newer than maxAuthrimVersionWarningLog output, continues
stability: 'deprecated'WarningDeprecation warning
stability: 'alpha' in productionWarningProduction warning

By default, only warnings are issued and plugin loading continues. This accounts for cases where declarations may be overly conservative.

Environment Variable Control

Terminal window
# Compatibility check level
PLUGIN_COMPATIBILITY_CHECK=warn # Default: warn and continue
PLUGIN_COMPATIBILITY_CHECK=error # Stop on incompatibility
PLUGIN_COMPATIBILITY_CHECK=ignore # Skip all checks

Built-in Registration

Built-in plugins are automatically registered at startup:

// In Authrim worker initialization
import { builtinPlugins } from '@authrim/ar-lib-plugin';
for (const plugin of builtinPlugins) {
await loader.loadPlugin(plugin, ctx, await configStore.get(plugin.id, plugin.configSchema));
}

npm Plugin Installation

For community plugins distributed via npm:

  1. Install the plugin package:

    Terminal window
    pnpm add @your-org/authrim-plugin-example
  2. Register in your worker initialization:

    import { examplePlugin } from '@your-org/authrim-plugin-example';
    // In worker init
    await loader.loadPlugin(examplePlugin, ctx, config);
  3. Configure via Admin API or environment variables

Local Development

For development and testing:

// Import from local path
import { myPlugin } from './plugins/my-plugin';
// Register during initialization
await loader.loadPlugin(myPlugin, ctx, {
apiKey: 'test-key',
endpoint: 'http://localhost:3000',
});

Publishing Checklist

Before publishing your plugin:

  • Tests pass: npm test
  • Types compile: npm run build
  • README complete: Installation, configuration, examples
  • License file: Include appropriate license (MIT recommended)
  • Changelog: Document changes between versions
  • Peer dependencies: Declare @authrim/ar-lib-plugin and zod
  • Keywords: Include authrim and authrim-plugin
  • Metadata complete: All required fields in meta

README Template

# Authrim Plugin: Example
Example notification plugin for Authrim.
## Installation
\`\`\`bash
pnpm add @your-org/authrim-plugin-example
\`\`\`
## Configuration
| Field | Type | Required | Default | Description |
|-------|------|----------|---------|-------------|
| `apiKey` | string | Yes | - | Your API key |
| `endpoint` | string | No | `https://api.example.com` | API endpoint |
| `timeout` | number | No | `10000` | Request timeout (ms) |
### Environment Variables
\`\`\`bash
PLUGIN_EXAMPLE_CONFIG='{"apiKey":"your-key"}'
\`\`\`
### Admin API
\`\`\`bash
curl -X PUT "/api/admin/plugins/example/config" \
-H "Authorization: Bearer {token}" \
-d '{"config": {"apiKey": "your-key"}}'
\`\`\`
## Usage
This plugin provides the `notifier.example` capability.
## License
MIT

Security Considerations

For Plugin Authors

  1. Never log secrets: Don’t log API keys or tokens
  2. Validate URLs: Prevent SSRF attacks
  3. Set timeouts: Prevent resource exhaustion
  4. Handle errors: Return structured errors, don’t throw
  5. Audit dependencies: Review and update regularly

For Plugin Users

Before installing a plugin:

  1. Author trustworthiness: Who developed it?
  2. Source code review: Review if possible
  3. Dependencies audit: Check for suspicious packages
  4. Activity check: Is it maintained?

Update Notifications

npm Plugins

  • Version information displayed in Admin UI
  • New version availability shown as reference
  • Update decisions are the user’s responsibility

Local/Private Plugins

  • Only version string displayed
  • No automatic update notification

Next Steps