Node.js SDK

The @relynt/sdk package provides a typed client for the Relynt authorization gateway in Node.js and TypeScript.

Install

npm


npm install @relynt/sdk

pnpm


pnpm add @relynt/sdk

yarn


yarn add @relynt/sdk

Quick start


import { RelyntClient } from "@relynt/sdk";
 
const client = new RelyntClient({
  baseUrl: process.env.RELYNT_API_BASE_URL!,
  agentSecret: process.env.RELYNT_AGENT_SECRET!,
});
 
const result = await client.requestAction({
  action: "update_deal",
  resource: "crm:deal:123",
  payload: {
    amount: 52000,
    previous_amount: 50000,
  },
});
 
console.log(result.decision);  // "allow" | "deny" | "pending_approval"
console.log(result.receiptId); // UUID of the signed receipt

Handling approvals

When the policy requires human approval, the decision will be "pending_approval" and an approvalId is returned. Use pollApproval to wait for the decision:


if (result.decision === "pending_approval") {
  const approval = await client.pollApproval({
    approvalId: result.approvalId!,
    timeoutMs: 300_000, // 5 minutes
  });
 
  console.log(approval.status);    // "approved" | "denied" | "expired"
  console.log(approval.decidedBy); // e.g. "slack:U12345"
}

Idempotency

Pass an idempotencyKey to prevent duplicate processing when retrying:


const result = await client.requestAction({
  action: "update_deal",
  resource: "crm:deal:123",
  payload: { amount: 52000 },
  idempotencyKey: "my-unique-key-abc123",
});

Error handling

The SDK throws typed errors that you can catch and handle:


import {
  RelyntClient,
  AuthenticationError,
  RequestError,
  ApprovalTimeoutError,
  NetworkError,
} from "@relynt/sdk";
 
try {
  const result = await client.requestAction({ ... });
} catch (err) {
  if (err instanceof AuthenticationError) {
    // Invalid or expired agent secret (401/403)
  } else if (err instanceof RequestError) {
    // Bad request (4xx)
  } else if (err instanceof NetworkError) {
    // Gateway unreachable or request timed out
  }
}

API reference

`new RelyntClient(config)`

Parameter	Type	Required	Description
`baseUrl`	`string`	Yes	Relynt gateway URL
`agentSecret`	`string`	Yes	Agent credential from rotation
`timeoutMs`	`number`	No	Request timeout (default: 30000)

`client.requestAction(params)`

Parameter	Type	Required	Description
`action`	`string`	Yes	Operation name (e.g. `"update_deal"`)
`resource`	`string`	Yes	Resource identifier (e.g. `"crm:deal:123"`)
`payload`	`object`	Yes	Action payload
`idempotencyKey`	`string`	No	Deduplication key
`instanceId`	`string`	No	Agent instance identifier

Returns ActionResult:


{
  decision: "allow" | "deny" | "pending_approval";
  receiptId: string;
  approvalId?: string;
  toolResponse?: Record<string, unknown>;
  reason?: string;
  riskLevel?: "low" | "medium" | "high";
  policyVersion?: string;
}

`client.pollApproval(params)`

Parameter	Type	Required	Description
`approvalId`	`string`	Yes	Approval ID from `requestAction`
`intervalMs`	`number`	No	Poll interval (default: 3000)
`timeoutMs`	`number`	No	Max wait time (default: 300000)

Returns ApprovalResult:


{
  status: "approved" | "denied" | "expired";
  decidedBy?: string;
  decidedAt?: string;
}

Environment variables

Variable	Description
`RELYNT_API_BASE_URL`	Gateway URL
`RELYNT_AGENT_SECRET`	Agent credential (from dashboard rotation)
`RELYNT_AGENT_ID`	Agent UUID (informational)
`RELYNT_ORG_ID`	Organization UUID (informational)