Knock TypeScript API Library

This library provides convenient access to the Knock REST API from server-side TypeScript or JavaScript.

The REST API documentation can be found on docs.knock.app. The full API of this library can be found in api.md.

It is generated with Stainless.

Installation

1npm install @knocklabs/node

Usage

The full API of this library can be found in api.md.

1import Knock from '@knocklabs/node';
2
3const client = new Knock({
4  apiKey: process.env['KNOCK_API_KEY'], // This is the default and can be omitted
5});
6
7const response = await client.workflows.trigger('dinosaurs-loose', {
8  recipients: ['dnedry'],
9  data: { dinosaur: 'triceratops' },
10});
11
12console.log(response.workflow_run_id);

Request & Response types

This library includes TypeScript definitions for all request params and response fields. You may import and use them like so:

1import Knock from '@knocklabs/node';
2
3const client = new Knock({
4  apiKey: process.env['KNOCK_API_KEY'], // This is the default and can be omitted
5});
6
7const user: Knock.User = await client.users.get('dnedry');

Documentation for each method, request param, and response field are available in docstrings and will appear on hover in most modern editors.

Handling errors

When the library is unable to connect to the API, or if the API returns a non-success status code (i.e., 4xx or 5xx response), a subclass of APIError will be thrown:

1const user = await client.users.get('dnedry').catch(async (err) => {
2  if (err instanceof Knock.APIError) {
3    console.log(err.status); // 400
4    console.log(err.name); // BadRequestError
5    console.log(err.headers); // {server: 'nginx', ...}
6  } else {
7    throw err;
8  }
9});

Error codes are as follows:

Status Code	Error Type
400	BadRequestError
401	AuthenticationError
403	PermissionDeniedError
404	NotFoundError
422	UnprocessableEntityError
429	RateLimitError
>=500	InternalServerError
N/A	APIConnectionError

Retries

Certain errors will be automatically retried 2 times by default, with a short exponential backoff. Connection errors (for example, due to a network connectivity problem), 408 Request Timeout, 409 Conflict, 429 Rate Limit, and >=500 Internal errors will all be retried by default.

You can use the maxRetries option to configure or disable this:

1// Configure the default for all requests:
2const client = new Knock({
3  maxRetries: 0, // default is 2
4});
5
6// Or, configure per-request:
7await client.users.get('dnedry', {
8  maxRetries: 5,
9});

Timeouts

Requests time out after 1 minute by default. You can configure this with a timeout option:

1// Configure the default for all requests:
2const client = new Knock({
3  timeout: 20 * 1000, // 20 seconds (default is 1 minute)
4});
5
6// Override per-request:
7await client.users.get('dnedry', {
8  timeout: 5 * 1000,
9});

On timeout, an APIConnectionTimeoutError is thrown.

Note that requests which time out will be retried twice by default.

Auto-pagination

List methods in the Knock API are paginated. You can use the for await … of syntax to iterate through items across all pages:

1async function fetchAllUsers(params) {
2  const allUsers = [];
3  // Automatically fetches more pages as needed.
4  for await (const user of client.users.list()) {
5    allUsers.push(user);
6  }
7  return allUsers;
8}

Alternatively, you can request a single page at a time:

1let page = await client.users.list();
2for (const user of page.entries) {
3  console.log(user);
4}
5
6// Convenience methods are provided for manually paginating:
7while (page.hasNextPage()) {
8  page = await page.getNextPage();
9  // ...
10}

Advanced Usage

Accessing raw Response data (e.g., headers)

The "raw" Response returned by fetch() can be accessed through the .asResponse() method on the APIPromise type that all methods return. This method returns as soon as the headers for a successful response are received and does not consume the response body, so you are free to write custom parsing or streaming logic.

You can also use the .withResponse() method to get the raw Response along with the parsed data. Unlike .asResponse() this method consumes the body, returning once it is parsed.

1const client = new Knock();
2
3const response = await client.users.get('dnedry').asResponse();
4console.log(response.headers.get('X-My-Header'));
5console.log(response.statusText); // access the underlying Response object
6
7const { data: user, response: raw } = await client.users.get('dnedry').withResponse();
8console.log(raw.headers.get('X-My-Header'));
9console.log(user.id);

Logging

[!IMPORTANT] All log messages are intended for debugging only. The format and content of log messages may change between releases.

Log levels

The log level can be configured in two ways:

1. Via the KNOCK_LOG environment variable
2. Using the logLevel client option (overrides the environment variable if set)

1import Knock from '@knocklabs/node';
2
3const client = new Knock({
4  logLevel: 'debug', // Show all log messages
5});

Available log levels, from most to least verbose:

• 'debug' - Show debug messages, info, warnings, and errors
• 'info' - Show info messages, warnings, and errors
• 'warn' - Show warnings and errors (default)
• 'error' - Show only errors
• 'off' - Disable all logging

At the 'debug' level, all HTTP requests and responses are logged, including headers and bodies. Some authentication-related headers are redacted, but sensitive data in request and response bodies may still be visible.

Custom logger

By default, this library logs to globalThis.console. You can also provide a custom logger. Most logging libraries are supported, including pino, winston, bunyan, consola, signale, and @std/log. If your logger doesn't work, please open an issue.

When providing a custom logger, the logLevel option still controls which messages are emitted, messages below the configured level will not be sent to your logger.

1import Knock from '@knocklabs/node';
2import pino from 'pino';
3
4const logger = pino();
5
6const client = new Knock({
7  logger: logger.child({ name: 'Knock' }),
8  logLevel: 'debug', // Send all messages to pino, allowing it to filter
9});

Making custom/undocumented requests

This library is typed for convenient access to the documented API. If you need to access undocumented endpoints, params, or response properties, the library can still be used.

JWT Token Signing

The SDK provides functionality to sign authentication tokens for client-side requests, such as for in-app feeds. This feature requires the jose package as an optional peer dependency.

Installation

If you plan to use JWT token signing, you'll need to install jose:

1npm install jose
2# or
3yarn add jose

Basic Usage

1import Knock from '@knocklabs/node';
2
3// Generate a JWT token for a user
4const token = await Knock.signUserToken('user-1');

Advanced Usage with Grants

You can provide specific grants to control access to different resources:

1import { signUserToken, buildUserTokenGrant, Grants } from '@knocklabs/node';
2
3const token = await signUserToken('user-1', {
4  // Token valid for 12 hours (43200 seconds)
5  expiresInSeconds: 43200,
6  // Grants for tenant and object access
7  grants: [
8    // Grant access to a tenant
9    buildUserTokenGrant({ type: 'tenant', id: 'tenant-id' }, [Grants.SlackChannelsRead]),
10    // Grant access to specific objects
11    buildUserTokenGrant({ type: 'object', id: 'object-id', collection: 'videos' }, [
12      Grants.ChannelDataRead,
13      Grants.ChannelDataWrite,
14    ]),
15  ],
16});

For more examples and detailed documentation about token signing, see the token signing examples and visit Knock's Authentication Documentation.

Undocumented endpoints

To make requests to undocumented endpoints, you can use client.get, client.post, and other HTTP verbs. Options on the client, such as retries, will be respected when making these requests.

1await client.post('/some/path', {
2  body: { some_prop: 'foo' },
3  query: { some_query_arg: 'bar' },
4});

Undocumented request params

To make requests using undocumented parameters, you may use // @ts-expect-error on the undocumented parameter. This library doesn't validate at runtime that the request matches the type, so any extra values you send will be sent as-is.

1client.workflows.trigger({
2  // ...
3  // @ts-expect-error baz is not yet public
4  baz: 'undocumented option',
5});

For requests with the GET verb, any extra params will be in the query, all other requests will send the extra param in the body.

If you want to explicitly send an extra argument, you can do so with the query, body, and headers request options.

Undocumented response properties

To access undocumented response properties, you may access the response object with // @ts-expect-error on the response object, or cast the response object to the requisite type. Like the request params, we do not validate or strip extra properties from the response from the API.

Customizing the fetch client

By default, this library expects a global fetch function is defined.

If you want to use a different fetch function, you can either polyfill the global:

1import fetch from 'my-fetch';
2
3globalThis.fetch = fetch;

Or pass it to the client:

1import Knock from '@knocklabs/node';
2import fetch from 'my-fetch';
3
4const client = new Knock({ fetch });

Fetch options

If you want to set custom fetch options without overriding the fetch function, you can provide a fetchOptions object when instantiating the client or making a request. (Request-specific options override client options.)

1import Knock from '@knocklabs/node';
2
3const client = new Knock({
4  fetchOptions: {
5    // `RequestInit` options
6  },
7});

Configuring proxies

To modify proxy behavior, you can provide custom fetchOptions that add runtime-specific proxy options to requests:

Node ^[docs]

1import Knock from '@knocklabs/node';
2import * as undici from 'undici';
3
4const proxyAgent = new undici.ProxyAgent('http://localhost:8888');
5const client = new Knock({
6  fetchOptions: {
7    dispatcher: proxyAgent,
8  },
9});

Bun ^[docs]

1import Knock from '@knocklabs/node';
2
3const client = new Knock({
4  fetchOptions: {
5    proxy: 'http://localhost:8888',
6  },
7});

Deno ^[docs]

1import Knock from 'npm:@knocklabs/node';
2
3const httpClient = Deno.createHttpClient({ proxy: { url: 'http://localhost:8888' } });
4const client = new Knock({
5  fetchOptions: {
6    client: httpClient,
7  },
8});

Frequently Asked Questions

Semantic versioning

This package generally follows SemVer conventions, though certain backwards-incompatible changes may be released as minor versions:

1. Changes that only affect static types, without breaking runtime behavior.
2. Changes to library internals which are technically public but not intended or documented for external use. (Please open a GitHub issue to let us know if you are relying on such internals.)
3. Changes that we do not expect to impact the vast majority of users in practice.

We take backwards-compatibility seriously and work hard to ensure you can rely on a smooth upgrade experience.

We are keen for your feedback; please open an issue with questions, bugs, or suggestions.

Requirements

TypeScript >= 4.9 is supported.

The following runtimes are supported:

• Web browsers (Up-to-date Chrome, Firefox, Safari, Edge, and more)
• Node.js 20 LTS or later (non-EOL) versions.
• Deno v1.28.0 or higher.
• Bun 1.0 or later.
• Cloudflare Workers.
• Vercel Edge Runtime.
• Jest 28 or greater with the "node" environment ("jsdom" is not supported at this time).
• Nitro v2.6 or greater.

Note that React Native is not supported at this time.

If you are interested in other runtime environments, please open or upvote an issue on GitHub.

Contributing

See the contributing documentation.