To install the package using npm, run the following
$ npm install @frontegg/e10s-client
Since the Entitlements Client is interacting with the Entitlements Agent, it is required to setup and run the agent.
Look for instructions here
import { EntitlementsClientFactory, RequestContextType } from '@frontegg/e10s-client';
const e10sClient = EntitlementsClientFactory.create({
pdpHost: 'localhost:8181' // Entitlements Agent Host
});
Subject context describes the user which performs the action, these can be taken from Frontegg JWT if authenticating with Frontegg
const subjectContext: SubjectContext = {
tenantId: 'my-tenant-id',
userId: 'my-user-id', // Optional
permissions: ['read', 'write'], // Optional
attributes: { 'my-custom-attribute': 'some-value' } // Optional
};
The Entitlements client allows you to query for a feature, permission or a route entitlement, each requires different context information.
const e10sResult = await e10sClient.isEntitledTo(
subjectContext,
{
type: RequestContextType.Feature,
featureKey: 'my-cool-feature'
}
);
if (!e10sResult.result) {
console.log(`User is not entitled to "my-cool-feature" feature, reason: ${e10sResult.justification}`);
}
const e10sResult = await e10sClient.isEntitledTo(
subjectContext,
{
type: RequestContextType.Permission,
permissionKey: 'read'
}
);
if (!e10sResult.result) {
console.log(`User is not entitled to "read" permission, reason: ${e10sResult.justification}`);
}
const e10sResult = await e10sClient.isEntitledTo(
subjectContext,
{
type: RequestContextType.Route,
method: "GET",
path: "/users"
}
);
if (!e10sResult.result) {
console.log(`User is not entitled to "GET /users" route, reason: ${e10sResult.justification}`);
}
List of possible justifications
Justification | Meaning |
---|---|
MISSING_FEATURE | User is missing the feature |
MISSING_PERMISSION | User is missing the permission |
PLAN_EXPIRED | User has a plan that covers the feature, but the plan is expired |
MISSING_ROUTE | Requested route is not configured |
ROUTE_DENIED | Requested route is configured to be blocked |
In case monitoring mode is enabled, the real results will only be logged, and the following payload will always return
{
"result": true,
"monitoring": true
}