const sendRes = await scalekit.passwordless. sendPasswordlessEmail(
"user@example.com",{ magiclinkAuthUri: "https://yourapp.com/verify" }
);
await scalekit.passwordless.resendPasswordlessEmail(sendRes.authRequestId);
const verifyRes = await scalekit.passwordless. verifyPasswordlessEmail(
{ code: "123456"}, sendRes.authRequestId
);
const opts = { organizationId : 'org_123',connectionId:’conn_456’,loginHint:‘user@corp.com’ };
const authUrl = scalekit.getAuthorizationUrl('https://yourapp.com/auth/callback',opts);
// Redirect user to authUrl
// After login, handle callback with ?code=...
const {code} = req.query
const result = await scalekit. authenticateWithCode(code,
‘https =//yourapp.com/auth/callback');
const user = result.user;
curl = 'https://$SCALEKIT_ENVIRONMENT_URL/api/v1/users/{id}' \
--request PATCH \
--header 'Content-Type: application/json' \
--data '{
"external_id": "ext_12345a67b89c",
"metadata": {"department": "engineering", "location": "nyc-office"},
"user_profile": {
"custom_attributes": {"department": "engineering", "security clearance": "level12"},
"first_name": "John", "last_name":"Doe", "locale": "en-US",
"metadata": {"account_status": "active", "signup_source": "mobile_app"},
"name": "John Michael Doe", "phone_number":"+14155552671"
}
)’
const RESOURCE_ID = 'https://your-mcp-server.com';
const resource_metadata_endpoint = 'https://your-mcp-server.com/.well-known/oauth-protected-resource';
app.get('/.well-known/oauth-protected-resource', (req, res) => res.json({
authorization_servers: ['https://your-app.scalekit.com/resources/xxx'],
bearer_methods_supported: ['header'],
resource: RESOURCE_ID
}));
app.use(async (req, res, next) => {
const token = req.headers['authorization']?.split('Bearer')[1]?.trim();
if (!token) return res.sendStatus(401);
await scalekit.validateToken(token, { audience: [RESOURCE_ID] });
next();
}));