Authentication Guide

Learn how to implement secure authentication in your DevDocs application.

DevDocs supports multiple authentication methods including API keys, OAuth 2.0, and JWT tokens. This guide covers the most common authentication patterns.

API Key Authentication

The simplest form of authentication. Include your API key in the Authorization header: Authorization: Bearer YOUR_API_KEY

OAuth 2.0 Flow

For applications requiring user authorization, implement the OAuth 2.0 authorization code flow. Redirect users to the authorization endpoint, then exchange the code for access tokens.

JWT Token Authentication

JSON Web Tokens provide stateless authentication. Generate tokens on login and include them in subsequent requests. Tokens automatically expire after 24 hours by default.

API Reference

The DevDocs API provides programmatic access to all platform features. All API endpoints return JSON responses.

Method	Endpoint	Description
GET	/api/v1/docs	List all documents
POST	/api/v1/docs	Create a document
GET	/api/v1/docs/:id	Get document by ID
PUT	/api/v1/docs/:id	Update a document
DELETE	/api/v1/docs/:id	Delete a document

Data fetching

Here are some common usage examples to help you get started:

Fetching Documents

const response = await fetch('/api/v1/docs', {
  headers: {
    'Authorization': `Bearer ${apiKey}`,
    'Content-Type': 'application/json'
  }
});

const docs = await response.json();
console.log(docs);

Creating a Document

const newDoc = await fetch('/api/v1/docs', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${apiKey}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    title: 'New Document',
    content: 'Document content here...'
  })
});

const result = await newDoc.json();

Tip

Use our official SDK for easier integration. It handles authentication, retries, and error handling automatically.

Error Handling

Proper error management ensures a smooth user experience. We provide a global error boundary to catch and log issues automatically.

DevDocs uses a standardized error reporting system to help you debug issues quickly. Errors are returned as objects containing a machine-readable code and a human-readable message.

Standard Error Codes

Code	Description	Action
`ERR_AUTH_FAILED`	Invalid or expired API credentials.	Refresh your token or check your config.
`ERR_NETWORK`	The SDK cannot reach the server.	Check your internet connection or firewall.
`ERR_INVALID_CONFIG`	Required parameters are missing in your setup.	Validate your `devdocs.config.js` file.

Best Practices

We recommend wrapping your SDK initialization and data calls in try...catch blocks to prevent your application from crashing during unexpected failures.

try {
  const data = await docs.fetch('/api/resource');
} catch (error) {
  if (error.code === 'ERR_AUTH_FAILED') {
    redirectToLogin();
  } else {
    console.error('An unexpected error occurred:', error.message);
  }
}

Global Interceptor

You can configure a global error handler in your initialization settings to log errors to services like Sentry or LogRocket automatically.

Important

Always sanitize error messages before displaying them to end-users to avoid leaking sensitive server information.

Testing

We recommend using Jest or Vitest to test your implementation. Use our testing utility to mock the DevDocs environment.

import { renderDocs } from 'devdocs-testing-library';

test('renders introduction page', () => {
  renderDocs('/intro');
});