Skip to Content
🚀 Legit SDK Alpha preview – help shape it on Discord here.
DocumentationAPI (core)Authentication

Authentication API

The legitFs.auth object provides authentication and user management.

🧪 Experimental - Expect frequent changes

Methods

getUser(): Promise<LegitUser>

Gets the current user information.

Returns: Promise<LegitUser> - User object:

{
  type: string; // 'local' | 'anonymous' | other types
  id: string; // User ID
  name: string; // User name
  email: string; // User email
}

Example:

const user = await legitFs.auth.getUser();
console.log(user.type); // 'local' | 'anonymous' | ...
console.log(user.name); // User name
console.log(user.email); // User email
console.log(user.id); // User ID

signInAnonymously(): Promise<void>

Signs in as an anonymous user. This generates a random UUID for the user ID and updates the user metadata.

Example:

await legitFs.auth.signInAnonymously();
const user = await legitFs.auth.getUser();
console.log(user.type); // 'anonymous'
console.log(user.id); // Random UUID
console.log(user.email); // anonymous-sha1-{uuid}-@legitcontrol.com

Note: After signing in anonymously, the user type changes from 'local' to 'anonymous', and a random UUID is generated for the user ID.

getMaxAccessTokenForBranch(branchId: string): Promise<string | undefined>

Gets the access token with maximum permissions for a branch.

Parameters:

  • branchId (string): Branch ID

Returns: Promise<string | undefined> - Access token, or undefined if no token is available

Example:

const token = await legitFs.auth.getMaxAccessTokenForBranch('main');
if (token) {
  console.log('Access token available');
} else {
  console.log('No access token for this branch');
}

Note: If no access tokens are stored, this method may return the publicKey provided to openLegitFs() if available.

addAccessToken(token: string): Promise<void>

Adds an access token to the user’s token store.

Parameters:

  • token (string): Access token to add

Example:

await legitFs.auth.addAccessToken('your-access-token');

Note: Tokens are stored in the Git configuration and associated with the current user ID.

User Types

Local User

The default user type when openLegitFs() is called without authentication. Local users:

  • Have type: 'local'
  • Have id: 'local'
  • Cannot push to remote repositories
  • Cannot use sync features that require authentication

Anonymous User

Users who have called signInAnonymously(). Anonymous users:

  • Have type: 'anonymous'
  • Have a randomly generated UUID as their id
  • Can push to remote repositories if they have access tokens
  • Can use sync features

Complete Example

// Get current user (initially local)
let user = await legitFs.auth.getUser();
console.log(user.type); // 'local'
 
// Sign in anonymously
await legitFs.auth.signInAnonymously();
user = await legitFs.auth.getUser();
console.log(user.type); // 'anonymous'
console.log(user.id); // Random UUID
 
// Add an access token
await legitFs.auth.addAccessToken('your-access-token');
 
// Get access token for a branch
const token = await legitFs.auth.getMaxAccessTokenForBranch('main');
if (token) {
  console.log('Can access branch');
}

See Also

Last updated on
Virtual EndpointsSync
Legit

© Legit Control 2025

Documentation

Introduction
Quickstart
Concepts
Examples
FAQ
Style Guide

Resources

Vision
Documentation
SDK

Community

Discord
LinkedIn
Twitter
Github
Get in touch