Skip to content

Overview

What is @authrim/sveltekit?

@authrim/sveltekit is a full-stack authentication SDK for SvelteKit applications. It wraps @authrim/core with SvelteKit-specific integrations — server hooks, Svelte stores, pre-built components, and page templates.

flowchart TB
    subgraph Server ["Server (hooks.server.ts)"]
        direction LR
        Handle["createAuthHandle()"]
        SSM["ServerSessionManager"]
        Load["requireAuth() /
createAuthLoad()"] end subgraph Client ["Client (Browser)"] direction LR Auth["AuthrimClient"] Stores["Svelte Stores"] Components["Components"] UI["UI Library"] end subgraph Core ["@authrim/core"] direction LR CoreAuth["OIDC / OAuth"] CoreCrypto["PKCE / WebAuthn"] end Handle --> SSM SSM --> Load Load -->|SSR data| Auth Auth --> Stores Auth --> Core Stores --> Components Components --> UI

Package Exports

Export PathPurposeExample Imports
@authrim/sveltekitClient entry — factory, types, contextcreateAuthrim, AuthrimClient, AuthStores
@authrim/sveltekit/serverServer hooks and load helperscreateAuthHandle, requireAuth, createAuthLoad
@authrim/sveltekit/storesStore factory (advanced)createAuthStores
@authrim/sveltekit/componentsCore Svelte componentsAuthProvider, ProtectedRoute, SignInButton
@authrim/sveltekit/uiFull UI component libraryButton, Input, EmailCodeForm, PasskeyList
@authrim/sveltekit/ui/stylesTheme CSSimport '@authrim/sveltekit/ui/styles'
@authrim/sveltekit/ui/templatesPage templatesLoginTemplate, ConsentTemplate

Client API Namespaces

AuthrimClient exposes authentication features through namespaces:

NamespaceMethodsPurpose
auth.passkeylogin(), signUp(), register(), isSupported()WebAuthn passkey authentication
auth.emailCodesend(), verify(), hasPendingVerification()Email OTP authentication
auth.socialloginWithPopup(), loginWithRedirect(), handleCallback()Social provider authentication
auth.sessionget(), validate(), refresh(), isAuthenticated(), getUser(), clearCache()Session management
auth.consentgetData(), submit()OAuth consent screen
auth.deviceFlowsubmit()Device authorization (RFC 8628)
auth.cibagetData(), approve(), reject()CIBA flow
auth.loginChallengegetData()Login challenge screen
auth.signInpasskey(), social()Shortcut methods
auth.signUppasskey()Shortcut methods
auth.signOut()Sign out with optional redirect
auth.storessession, user, isAuthenticated, loadingState, errorReactive Svelte stores
auth.on()Event subscription

Svelte 4 / 5 Compatibility

AspectDetails
Peer dependencysvelte ^4.0.0 || ^5.0.0
SDK internal syntaxSvelte 4 (export let, <slot>, on:event)
Your app codeUse Svelte 5 runes ($state(), $props(), $derived(), $effect())
CompatibilitySDK components work unchanged in Svelte 5 projects

This documentation uses Svelte 5 runes for all examples. See Configuration for a Svelte 4 syntax reference.

Relationship to Web SDK

@authrim/sveltekit shares the same core authentication API as @authrim/web, but adds SvelteKit-specific features:

FeatureWeb SDKSvelteKit SDK
Authentication API✓ (same)
Server hooks / SSR
Svelte stores
Svelte components
UI library & templates
SvelteKit routing integration

For authentication flow details (WebAuthn internals, email code mechanics, social login protocols), see the Web SDK documentation.

Next Steps