Function Signature
@dynamic-labs-wallet/node.
Description
Creates a headless auth client — the server-side counterpart to the JS client SDK’s sign-in flows. It mints a Dynamic user JWT via email OTP or Sign-In With Ethereum (SIWE) so a server-side agent can obtain a JWT without a browser, then hand it to authenticateJwt. The client holds configuration only — no secrets, no persistence. Sign-in prompting (collecting the OTP code, getting the sign-in message signed) and storage of the resulting JWT stay with you.Parameters
Required Parameters
environmentId(string) - Your Dynamic environment ID.
Optional Parameters
appOrigin(string) - The origin SIWE sign-ins present as (for example,https://yourapp.example.com). It must be on the environment’s allowlisted CORS origins.wallet.signInderives itsdomainandurifrom it; per-call params override. Throws"createAuthClient appOrigin is not a valid URL"at sign-in time if it does not parse as a URL.baseUrl(string) - Override the Dynamic API base URL. Defaults to the production API.fetchApi(FetchAPI) - Custom fetch implementation (tests, proxies).
Returns
DynamicAuthClient- An object with two sign-in flows:
AuthResult:
Example
Error Handling
All methods throwError with a descriptive message:
- 401 responses →
"<operation> failed: the code or signature is invalid or expired". - Other HTTP errors → the server’s error message and status code (codes and messages only — never tokens).
- MFA-required accounts →
"account requires MFA, which the headless auth client does not support". - Cookie-auth environments → sign-in responses carry no JWT in the body; the client throws explaining that headless clients cannot consume cookie auth.
wallet.signIninput validation → thrown before any network call; see Wallet sign-in.
Related Functions
authenticateJwt()- Use the minted JWTgenerateSessionKeyPair()- Generate the session key to bind at sign-in