Skip to main content

Browser API

The Authsignal Browser API can be used to launch the Challenge UI to let users set up MFA and complete challenges.


To install the Authsignal client as an npm package, run:

npm install @authsignal/browser

This will add our browser library module to your package.json.

Then you can initialize the Authsignal browser client in your code:

import { Authsignal } from "@authsignal/browser";

const authsignal = new Authsignal({ tenantId: "YOUR_TENANT_ID", baseURL: "YOUR_REGION_BASE_URL" });

You can find your tenantId in the Authsignal Portal.

You must specify the correct baseUrl for your tenant's region.

RegionBase URL
US (Oregon)
AU (Sydney)
EU (Dublin)


launch lets you launch the Challenge UI.

authsignal.launch(url, options);


After you’ve made a server-side track call you'll get back a url which you can pass to the Browser API's launch function.

Challenge UI launched in popup mode`
Challenge UI launched with a redirect


urlstringThe URL which was returned as the result of a track request made using the Authsignal Server API.
optionsLaunchOptions | undefinedThe options used when launching the Challenge UI.


type LaunchOptions = {
* How the Challenge UI should launch.
* `popup` will cause it to open in a overlay, whilst `redirect`
* will trigger a full page redirect.
* If no value is supplied, mode defaults to `redirect`.
mode?: "popup" | "redirect";
popupOptions?: {
/** Any valid CSS value for the `width` property. */
width: string;
type TokenPayload = {
token?: string;


When mode is set as popup it returns a Promise<TokenPayload> that resolves when the popup closes.

TokenPayload is an object with a token property that can be used to verify the outcome of the user action.

Configuration options


Contains optional popup configuration. Has width which accepts any valid value for its respective CSS property. Note that popupOptions is only available when mode is set to popup.

const options: LaunchOptions = {
mode: "popup",
popupOptions: {
width: "500px",


Used when taking a user through passkey enrollment.


After you have made a server-side track call you will get back a token that can be passed to the passkey.signUp method.

authsignal.passkey.signUp({ token: 'TOKEN_FROM_SERVER_SIDE_TRACK_CALL'});


userNamestring | undefinedThe user's user name e.g. email.
tokenstringThe token from the server-side track call.


Used when reauthenticating a user with a passkey.




tokenstring | undefinedThe token from the server-side track call. If no token is provided, then an action will be automatically created server-side.
autofillstring | undefinedShould be set to true if wanting to use the browser's passkey autofill functionality.