For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
ModelsChatRankingsDocs
DocsAPI ReferenceClient SDKsAgent SDKCookbookChangelog
DocsAPI ReferenceClient SDKsAgent SDKCookbookChangelog
    • Overview
    • Usage for Agents
  • TypeScript SDK
    • Overview
      • Analytics
      • APIKeys
      • Byok
      • Chat
      • Credits
      • Embeddings
      • Endpoints
      • Generations
      • Guardrails
      • OAuth
      • Observability
      • Organization
      • Presets
      • Providers
      • Rerank
      • Beta.Responses
      • Transcriptions
      • Speech
      • VideoGeneration
      • Workspaces
  • Python SDK
    • Overview
  • Go SDK
  • DevTools
    • Overview
    • Migrating to @openrouter/agent
LogoLogo
ModelsChatRankingsDocs
On this page
  • Overview
  • Available Operations
  • exchangeAuthCodeForAPIKey
  • Example Usage
  • Standalone function
  • Parameters
  • Response
  • Errors
  • createAuthCode
  • Example Usage
  • Standalone function
  • Parameters
  • Response
  • Errors
TypeScript SDKAPI Reference

OAuth - TypeScript SDK

OAuth method reference
Was this page helpful?
Previous

Observability - TypeScript SDK

Observability method reference
Next
Built with

The TypeScript SDK and docs are currently in beta. Report issues on GitHub.

Overview

OAuth authentication endpoints

Available Operations

  • exchangeAuthCodeForAPIKey - Exchange authorization code for API key
  • createAuthCode - Create authorization code

exchangeAuthCodeForAPIKey

Exchange an authorization code from the PKCE flow for a user-controlled API key

Example Usage

1import { OpenRouter } from "@openrouter/sdk";
2
3const openRouter = new OpenRouter({
4  httpReferer: "<value>",
5  appTitle: "<value>",
6  appCategories: "<value>",
7  apiKey: process.env["OPENROUTER_API_KEY"] ?? "",
8});
9
10async function run() {
11  const result = await openRouter.oAuth.exchangeAuthCodeForAPIKey({
12    requestBody: {
13      code: "auth_code_abc123def456",
14      codeChallengeMethod: "S256",
15      codeVerifier: "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
16    },
17  });
18
19  console.log(result);
20}
21
22run();

Standalone function

The standalone function version of this method:

1import { OpenRouterCore } from "@openrouter/sdk/core.js";
2import { oAuthExchangeAuthCodeForAPIKey } from "@openrouter/sdk/funcs/oAuthExchangeAuthCodeForAPIKey.js";
3
4// Use `OpenRouterCore` for best tree-shaking performance.
5// You can create one instance of it to use across an application.
6const openRouter = new OpenRouterCore({
7  httpReferer: "<value>",
8  appTitle: "<value>",
9  appCategories: "<value>",
10  apiKey: process.env["OPENROUTER_API_KEY"] ?? "",
11});
12
13async function run() {
14  const res = await oAuthExchangeAuthCodeForAPIKey(openRouter, {
15    requestBody: {
16      code: "auth_code_abc123def456",
17      codeChallengeMethod: "S256",
18      codeVerifier: "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
19    },
20  });
21  if (res.ok) {
22    const { value: result } = res;
23    console.log(result);
24  } else {
25    console.log("oAuthExchangeAuthCodeForAPIKey failed:", res.error);
26  }
27}
28
29run();

Parameters

ParameterTypeRequiredDescription
requestoperations.ExchangeAuthCodeForAPIKeyRequest✔️The request object to use for the request.
optionsRequestOptions➖Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit➖Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig➖Enables retrying HTTP requests under certain failure conditions.

Response

Promise<operations.ExchangeAuthCodeForAPIKeyResponse>

Errors

Error TypeStatus CodeContent Type
errors.BadRequestResponseError400application/json
errors.ForbiddenResponseError403application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*

createAuthCode

Create an authorization code for the PKCE flow to generate a user-controlled API key

Example Usage

1import { OpenRouter } from "@openrouter/sdk";
2
3const openRouter = new OpenRouter({
4  httpReferer: "<value>",
5  appTitle: "<value>",
6  appCategories: "<value>",
7  apiKey: process.env["OPENROUTER_API_KEY"] ?? "",
8});
9
10async function run() {
11  const result = await openRouter.oAuth.createAuthCode({
12    requestBody: {
13      callbackUrl: "https://myapp.com/auth/callback",
14      codeChallenge: "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM",
15      codeChallengeMethod: "S256",
16      limit: 100,
17    },
18  });
19
20  console.log(result);
21}
22
23run();

Standalone function

The standalone function version of this method:

1import { OpenRouterCore } from "@openrouter/sdk/core.js";
2import { oAuthCreateAuthCode } from "@openrouter/sdk/funcs/oAuthCreateAuthCode.js";
3
4// Use `OpenRouterCore` for best tree-shaking performance.
5// You can create one instance of it to use across an application.
6const openRouter = new OpenRouterCore({
7  httpReferer: "<value>",
8  appTitle: "<value>",
9  appCategories: "<value>",
10  apiKey: process.env["OPENROUTER_API_KEY"] ?? "",
11});
12
13async function run() {
14  const res = await oAuthCreateAuthCode(openRouter, {
15    requestBody: {
16      callbackUrl: "https://myapp.com/auth/callback",
17      codeChallenge: "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM",
18      codeChallengeMethod: "S256",
19      limit: 100,
20    },
21  });
22  if (res.ok) {
23    const { value: result } = res;
24    console.log(result);
25  } else {
26    console.log("oAuthCreateAuthCode failed:", res.error);
27  }
28}
29
30run();

Parameters

ParameterTypeRequiredDescription
requestoperations.CreateAuthKeysCodeRequest✔️The request object to use for the request.
optionsRequestOptions➖Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit➖Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig➖Enables retrying HTTP requests under certain failure conditions.

Response

Promise<operations.CreateAuthKeysCodeResponse>

Errors

Error TypeStatus CodeContent Type
errors.BadRequestResponseError400application/json
errors.UnauthorizedResponseError401application/json
errors.ConflictResponseError409application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*