Backend SDK - NodeJS

The Entitlements backend SDK allows you to perform Entitlement-related actions in your backend, such as initializing your client, querying your client to check for their feature entitlements, using entitlement capabilities via REST API, validating JWT, and more.

Initializing the client

const { EntitlementsClient } = require('@frontegg/client');

// initialize the FronteggContext

// initialize entitlements client
const client = await EntitlementsClient.init(/* */);
await client.ready();

Querying Entitlements Using the Client

The client can be used to determine if a user or tenant is entitled to a feature or permission.

You will first need to validate the token, using the IdentityClient:

// validate token and decode its properties const userOrTenantEntity = await identityClient.validateToken(token);

(see Validating JWT manually for more details).

When the user/tenant entity is resolved, you can start querying the Entitlements Engine:

const userEntitlementsClient = client.forUser(userOrTenantEntity);

let result;

// asking for feature entitlement
result = await userEntitlementsClient.isEntitledToFeature('foo');
// or
result = await userEntitlementsClient.isEntitledTo({
  featureKey: 'foo'

// asking for permission entitlement
result = await userEntitlementsClient.isEntitledToPermission('');
// or
result = await userEntitlementsClient.isEntitledTo({
  permissionKey: 'foo'

The query's returned object indicates whether the user is entitled to feature access or not. The IsEntitledResult.result returns a boolean. Note that IfIsEntitledResult.result returns a truevalue, then IsEntitledResult.reason will not show in the response.

type IsEntitledResult = {
  result: boolean,
  reason: string

Removing clients

To clean up your client SDK before your app stops, you can call the client.destroy(); function.

Feature logic scheme

Permission logic scheme