API Docs for: 1.0.8
Show:

FxAccountClient Class

Defined in: client/FxAccountClient.js:47

Constructor

FxAccountClient

(
  • uri
  • config
)

Defined in client/FxAccountClient.js:47

Parameters:

  • uri String

    Auth Server URI

  • config Object

    Configuration

Methods

_passwordChangeFinish

(
  • email
  • newPassword
  • oldCreds
  • keys
  • [options={}]
)
Promise private

Defined in client/FxAccountClient.js:1171

Third step to change the password.

Parameters:

  • email String
  • newPassword String
  • oldCreds Object

    This object should consists of oldUnwrapBKey, keyFetchToken and passwordChangeToken.

  • keys Object

    This object should contain the unbundled keys

  • [options={}] Object optional

    Options

    • [keys] Boolean optional

      If true, calls the API with ?keys=true to get the keyFetchToken

    • [sessionToken] String optional

      If a sessionToken is passed, a new sessionToken will be returned with the same verified status as the existing sessionToken.

Returns:

Promise:

A promise that will be fulfilled with JSON of xhr.responseText

_passwordChangeKeys

(
  • oldCreds
)
Promise private

Defined in client/FxAccountClient.js:1151

Second step to change the password.

Parameters:

  • oldCreds Object

    This object should consists of oldUnwrapBKey, keyFetchToken and passwordChangeToken.

Returns:

Promise:

A promise that will be fulfilled with JSON of xhr.responseText

accountDestroy

(
  • email
  • password
  • [options={}]
  • sessionToken
)
Promise

Defined in client/FxAccountClient.js:746

This deletes the account completely. All stored data is erased.

Parameters:

  • email String

    Email input

  • password String

    Password input

  • [options={}] Object optional

    Options

    • [skipCaseError] Boolean optional

      If true, the request will skip the incorrect case error

  • sessionToken String

    User session token

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

accountKeys

(
  • keyFetchToken
  • oldUnwrapBKey
)
Promise

Defined in client/FxAccountClient.js:705

Get the base16 bundle of encrypted kA|wrapKb.

Parameters:

  • keyFetchToken String
  • oldUnwrapBKey String

Returns:

Promise:

A promise that will be fulfilled with JSON of {kA, kB} of the key bundle

accountReset

(
  • email
  • newPassword
  • accountResetToken
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:634

The API returns reset result to the client. HAWK-authenticated with accountResetToken

Parameters:

  • email String
  • newPassword String
  • accountResetToken String
  • [options={}] Object optional

    Options

    • [keys] Boolean optional

      If true, a new keyFetchToken is provisioned. options.sessionToken is required if options.keys is true.

    • [sessionToken] Boolean optional

      If true, a new sessionToken is provisioned.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

accountStatus

(
  • uid
)
Promise

Defined in client/FxAccountClient.js:803

Gets the status of an account by uid.

Parameters:

  • uid String

    User account id

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

accountStatusByEmail

(
  • email
)
Promise

Defined in client/FxAccountClient.js:821

Gets the status of an account by email.

Parameters:

  • email String

    User account email

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

certificateSign

(
  • sessionToken
  • publicKey
  • duration
  • [options={}]
  • [service='']
)
Promise

Defined in client/FxAccountClient.js:1012

Sign a BrowserID public key

Parameters:

  • sessionToken String

    User session token

  • publicKey Object

    The key to sign

  • duration Int

    Time interval from now when the certificate will expire in milliseconds

  • [options={}] Object optional

    Options

  • [service=''] String optional

    The requesting service, sent via the query string

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

checkTotpTokenExists

(
  • sessionToken
)

Defined in client/FxAccountClient.js:1738

Check to see if the current user has a TOTP token associated with their account.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

consumeRecoveryCode

(
  • sessionToken
  • code
)

Defined in client/FxAccountClient.js:1808

Consume recovery code.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • code String

    recovery code

consumeSigninCode

(
  • code
  • flowId
  • flowBeginTime
  • [deviceId]
)

Defined in client/FxAccountClient.js:1561

Consume a signinCode.

Parameters:

  • code String

    The signinCode entered by the user

  • flowId String

    Identifier for the current event flow

  • flowBeginTime Number

    Timestamp for the flow.begin event

  • [deviceId] String optional

    Identifier for the current device

createTotpToken

(
  • sessionToken
  • [options.metricsContext={}]
  • options.metricsContext.deviceId
  • options.metricsContext.flowId
  • options.metricsContext.flowBeginTime
  • options.metricsContext.utmCampaign
  • options.metricsContext.utmContent
  • options.metricsContext.utmMedium
  • options.metricsContext.utmSource
  • options.metricsContext.utmTerm
)

Defined in client/FxAccountClient.js:1685

Creates a new TOTP token for the user associated with this session.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • [options.metricsContext={}] Object optional

    Metrics context metadata

  • options.metricsContext.deviceId String

    identifier for the current device

  • options.metricsContext.flowId String

    identifier for the current event flow

  • options.metricsContext.flowBeginTime Number

    flow.begin event time

  • options.metricsContext.utmCampaign Number

    marketing campaign identifier

  • options.metricsContext.utmContent Number

    content identifier

  • options.metricsContext.utmMedium Number

    acquisition medium

  • options.metricsContext.utmSource Number

    traffic source

  • options.metricsContext.utmTerm Number

    search terms

deleteTotpToken

(
  • sessionToken
)

Defined in client/FxAccountClient.js:1719

Deletes this user's TOTP token.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

deviceDestroy

(
  • sessionToken
  • deviceId
)
Promise

Defined in client/FxAccountClient.js:1345

Unregister an existing device

Parameters:

  • sessionToken String

    Session token obtained from signIn

  • deviceId String

    User-unique identifier of device

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

deviceList

(
  • sessionToken
)
Promise

Defined in client/FxAccountClient.js:1372

Get a list of all devices for a user

Parameters:

  • sessionToken String

    sessionToken obtained from signIn

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

deviceRegister

(
  • sessionToken
  • deviceName
  • deviceType
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:1257

Add a new device

Parameters:

  • sessionToken String

    User session token

  • deviceName String

    Name of device

  • deviceType String

    Type of device (mobile|desktop)

  • [options={}] Object optional

    Options

    • [deviceCallback] String optional

      Device's push endpoint.

    • [devicePublicKey] String optional

      Public key used to encrypt push messages.

    • [deviceAuthKey] String optional

      Authentication secret used to encrypt push messages.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

deviceUpdate

(
  • sessionToken
  • deviceId
  • deviceName
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:1301

Update the name of an existing device

Parameters:

  • sessionToken String

    User session token

  • deviceId String

    User-unique identifier of device

  • deviceName String

    Name of device

  • [options={}] Object optional

    Options

    • [deviceCallback] String optional

      Device's push endpoint.

    • [devicePublicKey] String optional

      Public key used to encrypt push messages.

    • [deviceAuthKey] String optional

      Authentication secret used to encrypt push messages.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

getRandomBytes

() Promise

Defined in client/FxAccountClient.js:1246

Get 32 bytes of random data. This should be combined with locally-sourced entropy when creating salts, etc.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

passwordChange

(
  • email
  • oldPassword
  • newPassword
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:1050

Change the password from one known value to another.

Parameters:

  • email String
  • oldPassword String
  • newPassword String
  • [options={}] Object optional

    Options

    • [keys] Boolean optional

      If true, calls the API with ?keys=true to get a new keyFetchToken

    • [sessionToken] String optional

      If a sessionToken is passed, a new sessionToken will be returned with the same verified status as the existing sessionToken.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

passwordChangeStart

(
  • email
  • oldPassword
  • [options={}]
)
Promise private

Defined in client/FxAccountClient.js:1091

First step to change the password.

Parameters:

  • email String
  • oldPassword String
  • [options={}] Object optional

    Options

    • [skipCaseError] Boolean optional

      If true, the request will skip the incorrect case error

Returns:

Promise:

A promise that will be fulfilled with JSON of xhr.responseText and oldUnwrapBKey

passwordForgotResendCode

(
  • email
  • passwordForgotToken
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:518

Re-sends a verification code to the account's recovery email address. HAWK-authenticated with the passwordForgotToken.

Parameters:

  • email String
  • passwordForgotToken String
  • [options={}] Object optional

    Options

    • [service] String optional

      Opaque alphanumeric token to be included in verification links

    • [redirectTo] String optional

      a URL that the client should be redirected to after handling the request

    • [resume] String optional

      Opaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.

    • [lang] String optional

      set the language for the 'Accept-Language' header

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

passwordForgotSendCode

(
  • email
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:451

Used to ask the server to send a recovery code. The API returns passwordForgotToken to the client.

Parameters:

  • email String
  • [options={}] Object optional

    Options

    • [service] String optional

      Opaque alphanumeric token to be included in verification links

    • [redirectTo] String optional

      a URL that the client should be redirected to after handling the request

    • [resume] String optional

      Opaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.

    • [lang] String optional

      set the language for the 'Accept-Language' header

    • [metricsContext={}] Object optional

      Metrics context metadata

      • deviceId String
        identifier for the current device
      • flowId String
        identifier for the current event flow
      • flowBeginTime Number
        flow.begin event time
      • utmCampaign Number
        marketing campaign identifier
      • utmContent Number
        content identifier
      • utmMedium Number
        acquisition medium
      • utmSource Number
        traffic source
      • utmTerm Number
        search terms

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

passwordForgotStatus

(
  • passwordForgotToken
)
Promise

Defined in client/FxAccountClient.js:612

Returns the status for the passwordForgotToken. If the request returns a success response, the token has not yet been consumed.

Parameters:

  • passwordForgotToken String

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

passwordForgotVerifyCode

(
  • code
  • passwordForgotToken
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:577

Submits the verification token to the server. The API returns accountResetToken to the client. HAWK-authenticated with the passwordForgotToken.

Parameters:

  • code String
  • passwordForgotToken String
  • [options={}] Object optional

    Options

    • [accountResetWithRecoveryKey] Boolean optional

      verifying code to be use in account recovery

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

recoveryEmailCreate

(
  • sessionToken
  • email
)

Defined in client/FxAccountClient.js:1610

Create a new recovery email for the signed in account.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • email String

    new email to be added

recoveryEmailDestroy

(
  • sessionToken
  • email
)

Defined in client/FxAccountClient.js:1636

Remove the recovery email for the signed in account.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • email String

    email to be removed

recoveryEmailResendCode

(
  • sessionToken
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:384

Re-sends a verification code to the account's recovery email address.

Parameters:

  • sessionToken String

    sessionToken obtained from signIn

  • [options={}] Object optional

    Options

    • [email] String optional

      Code will be resent to this email, only used for secondary email codes

    • [service] String optional

      Opaque alphanumeric token to be included in verification links

    • [redirectTo] String optional

      a URL that the client should be redirected to after handling the request

    • [resume] String optional

      Opaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.

    • [type] String optional

      Specifies the type of code to send, currently only supported type is upgradeSession.

    • [lang] String optional

      set the language for the 'Accept-Language' header

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

recoveryEmails

(
  • sessionToken
)

Defined in client/FxAccountClient.js:1590

Get the recovery emails associated with the signed in account.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

recoveryEmailSetPrimaryEmail

(
  • sessionToken
  • email
)

Defined in client/FxAccountClient.js:1662

Changes user's primary email address.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • email String

    Email that will be the new primary email for user

recoveryEmailStatus

(
  • sessionToken
)
Promise

Defined in client/FxAccountClient.js:365

Parameters:

  • sessionToken String

    sessionToken obtained from signIn

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

rejectLoginAuthorizationCode

(
  • uid
  • unblockCode
)
Promise

Defined in client/FxAccountClient.js:1450

Reject a login unblock code. Code will be deleted from the server and will not be able to be used again.

Parameters:

  • uid String

    Account ID

  • unblockCode String

    unblock code

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

replaceRecoveryCodes

(
  • sessionToken
)

Defined in client/FxAccountClient.js:1788

Replace user's recovery codes.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

sendSms

(
  • sessionToken
  • phoneNumber
  • messageId
  • [options={}]
)

Defined in client/FxAccountClient.js:1476

Send an sms.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • phoneNumber String

    Phone number sms will be sent to

  • messageId String

    Corresponding message id that will be sent

  • [options={}] Object optional

    Options

    • [lang] String optional

      Language that sms will be sent in

    • [features] Array optional

      Array of features to be enabled for the request

    • [metricsContext={}] Object optional

      Metrics context metadata

      • deviceId String
        identifier for the current device
      • flowId String
        identifier for the current event flow
      • flowBeginTime Number
        flow.begin event time
      • utmCampaign Number
        marketing campaign identifier
      • utmContent Number
        content identifier
      • utmMedium Number
        acquisition medium
      • utmSource Number
        traffic source
      • utmTerm Number
        search terms

sendUnblockCode

(
  • email
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:1414

Send an unblock code

Parameters:

  • email String

    email where to send the login authorization code

  • [options={}] Object optional

    Options

    • [metricsContext={}] Object optional

      Metrics context metadata

      • deviceId String
        identifier for the current device
      • flowId String
        identifier for the current event flow
      • flowBeginTime Number
        flow.begin event time
      • utmCampaign Number
        marketing campaign identifier
      • utmContent Number
        content identifier
      • utmMedium Number
        acquisition medium
      • utmSource Number
        traffic source
      • utmTerm Number
        search terms

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

sessionDestroy

(
  • sessionToken
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:839

Destroys this session, by invalidating the sessionToken.

Parameters:

  • sessionToken String

    User session token

  • [options={}] Object optional

    Options

    • [customSessionToken] String optional

      Override which session token to destroy for this same user

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

sessionReauth

(
  • sessionToken
  • email
  • password
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:889

Parameters:

  • sessionToken String

    sessionToken obtained from signIn

  • email String

    Email input

  • password String

    Password input

  • [options={}] Object optional

    Options

    • [keys] Boolean optional

      If true, calls the API with ?keys=true to get the keyFetchToken

    • [skipCaseError] Boolean optional

      If true, the request will skip the incorrect case error

    • [service] String optional

      Service being accessed that needs reauthentication

    • [reason] String optional

      Reason for reauthentication. Can be one of: signin, password_check, password_change, password_reset

    • [redirectTo] String optional

      a URL that the client should be redirected to after handling the request

    • [resume] String optional

      Opaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.

    • [originalLoginEmail] String optional

      If retrying after an "incorrect email case" error, this specifies the email address as originally entered by the user.

    • [verificationMethod] String optional

      Request a specific verification method be used for verifying the session, e.g. 'email-2fa' or 'totp-2fa'.

    • [metricsContext={}] Object optional

      Metrics context metadata

      • deviceId String
        identifier for the current device
      • flowId String
        identifier for the current event flow
      • flowBeginTime Number
        flow.begin event time
      • utmCampaign Number
        marketing campaign identifier
      • utmContent Number
        content identifier
      • utmMedium Number
        acquisition medium
      • utmSource Number
        traffic source
      • utmTerm Number
        search terms
    • [unblockCode] String optional

      Login unblock code.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

sessions

(
  • sessionToken
)
Promise

Defined in client/FxAccountClient.js:1393

Get a list of user's sessions

Parameters:

  • sessionToken String

    sessionToken obtained from signIn

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

sessionStatus

(
  • sessionToken
)
Promise

Defined in client/FxAccountClient.js:868

Responds successfully if the session status is valid, requires the sessionToken.

Parameters:

  • sessionToken String

    User session token

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

signIn

(
  • email
  • password
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:176

Parameters:

  • email String

    Email input

  • password String

    Password input

  • [options={}] Object optional

    Options

    • [keys] Boolean optional

      If true, calls the API with ?keys=true to get the keyFetchToken

    • [skipCaseError] Boolean optional

      If true, the request will skip the incorrect case error

    • [service] String optional

      Service being signed into

    • [reason] String optional

      Reason for sign in. Can be one of: signin, password_check, password_change, password_reset

    • [redirectTo] String optional

      a URL that the client should be redirected to after handling the request

    • [resume] String optional

      Opaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.

    • [originalLoginEmail] String optional

      If retrying after an "incorrect email case" error, this specifies the email address as originally entered by the user.

    • [verificationMethod] String optional

      Request a specific verification method be used for verifying the session, e.g. 'email-2fa' or 'totp-2fa'.

    • [metricsContext={}] Object optional

      Metrics context metadata

      • deviceId String
        identifier for the current device
      • flowId String
        identifier for the current event flow
      • flowBeginTime Number
        flow.begin event time
      • utmCampaign Number
        marketing campaign identifier
      • utmContent Number
        content identifier
      • utmMedium Number
        acquisition medium
      • utmSource Number
        traffic source
      • utmTerm Number
        search terms
    • [unblockCode] String optional

      Login unblock code.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

signUp

(
  • email
  • password
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:80

Parameters:

  • email String

    Email input

  • password String

    Password input

  • [options={}] Object optional

    Options

    • [keys] Boolean optional

      If true, calls the API with ?keys=true to get the keyFetchToken

    • [service] String optional

      Opaque alphanumeric token to be included in verification links

    • [redirectTo] String optional

      a URL that the client should be redirected to after handling the request

    • [preVerified] String optional

      set email to be verified if possible

    • [resume] String optional

      Opaque url-encoded string that will be included in the verification link as a querystring parameter, useful for continuing an OAuth flow for example.

    • [lang] String optional

      set the language for the 'Accept-Language' header

    • [metricsContext={}] Object optional

      Metrics context metadata

      • deviceId String
        identifier for the current device
      • flowId String
        identifier for the current event flow
      • flowBeginTime Number
        flow.begin event time
      • utmCampaign Number
        marketing campaign identifier
      • utmContent Number
        content identifier
      • utmMedium Number
        acquisition medium
      • utmSource Number
        traffic source
      • utmTerm Number
        search terms

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

smsStatus

(
  • sessionToken
  • [options={}]
)

Defined in client/FxAccountClient.js:1534

Get SMS status for the current user.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • [options={}] Object optional

    Options

    • [country] String optional

      country Country to force for testing.

verifyCode

(
  • uid
  • code
  • [options={}]
)
Promise

Defined in client/FxAccountClient.js:294

Parameters:

  • uid String

    Account ID

  • code String

    Verification code

  • [options={}] Object optional

    Options

    • [service] String optional

      Service being signed into

    • [reminder] String optional

      Reminder that was used to verify the account

    • [type] String optional

      Type of code being verified, only supports secondary otherwise will verify account/sign-in

    • [marketingOptIn] Boolean optional

      If true, notifies marketing of opt-in intent.

Returns:

Promise:

A promise that will be fulfilled with JSON xhr.responseText of the request

verifyTotpCode

(
  • sessionToken
  • code
  • [options.service]
)

Defined in client/FxAccountClient.js:1758

Verify tokens if using a valid TOTP code.

Parameters:

  • sessionToken String

    SessionToken obtained from signIn

  • code String

    TOTP code to verif

  • [options.service] String optional

    Service being used